On 2024-05-21, Maksim Rodin <a23s4a2...@yandex.ru> wrote: > I solved the problem by copying the entire rule block right after > the old one and commenting out the old one. > > New: > pass in on egress inet proto tcp to (egress) port $mail_ports \ > keep state (max-src-conn 20, \ > max-src-conn-rate 35/300, overload <bad_ips> \ > flush global) \ > rdr-to $mail_server > > Old: > pass in on egress inet proto tcp to (egress) \ > port $mail_ports \ > keep state (max-src-conn 20, \ > max-src-conn-rate 35/300, overload <bad_ips> \ > flush global) rdr-to $mail_server > > I only split one line and merged two other lines into one > but I think I did it correctly and I do not see any logical > changes in the block. ... >> My whole pf.conf (all uncommented lines):
We can't tell if it was done correctly because you excluded commented lines from the file you showed. Read pf.conf(5) DESCRIPTION section, paragraph starting "The current line can be extended over multiple lines".
