Date: Wed, 21 Mar 2018 09:58:32 +0000
From: bugzilla-noreply@freebsd.org
To: freebsd-pf@FreeBSD.org
Subject: [Bug 127814] [pf] The flush in pf_reload in /etc/rc.d/pf does not work as intended
Message-ID: <bug-127814-17777-fmlWhiRKoa@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-127814-17777@https.bugs.freebsd.org/bugzilla/>
References: <bug-127814-17777@https.bugs.freebsd.org/bugzilla/>

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=127814

--- Comment #5 from commit-hook@freebsd.org ---
A commit references this bug:

Author: kp
Date: Wed Mar 21 09:57:30 UTC 2018
New revision: 331289
URL: https://svnweb.freebsd.org/changeset/base/331289

Log:
  MFC 330105:

  pf: Do not flush on reload

  pfctl only takes the last '-F' argument into account, so this never did what
  was intended.

  Moreover, there is no reason to flush rules before reloading, because pf keeps
  track of the rule which created a given state. That means that existing
  connections will keep being processed according to the rule which originally
  created them. Simply reloading the (new) rules suffices. The new rules will
  apply to new connections.

  PR: 127814
  Submitted by: Andreas Longwitz <longwitz at incore.de>

Changes:
_U  stable/10/
  stable/10/etc/rc.d/pf

-- 
You are receiving this mail because:
You are the assignee for the bug.