Date: Wed, 28 Feb 2018 08:54:04 +0000
From: bugzilla-noreply@freebsd.org
To: freebsd-pf@FreeBSD.org
Subject: [Bug 127814] [pf] The flush in pf_reload in /etc/rc.d/pf does not work as intended
Message-ID: <bug-127814-17777-VfZjBMKYQr@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-127814-17777@https.bugs.freebsd.org/bugzilla/>
References: <bug-127814-17777@https.bugs.freebsd.org/bugzilla/>

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=127814

--- Comment #3 from commit-hook@freebsd.org ---
A commit references this bug:

Author: kp
Date: Wed Feb 28 08:53:07 UTC 2018
New revision: 330105
URL: https://svnweb.freebsd.org/changeset/base/330105

Log:
  pf: Do not flush on reload

  pfctl only takes the last '-F' argument into account, so this never did what
  was intended.

  Moreover, there is no reason to flush rules before reloading, because pf keeps
  track of the rule which created a given state. That means that existing
  connections will keep being processed according to the rule which originally
  created them. Simply reloading the (new) rules suffices. The new rules will
  apply to new connections.

  PR: 127814
  Submitted by: Andreas Longwitz <longwitz at incore.de>
  MFC after: 3 weeks

Changes:
  head/etc/rc.d/pf

-- 
You are receiving this mail because:
You are the assignee for the bug.