David Chubb ([EMAIL PROTECTED]) wrote:
> I ran into this with pf under OpenBSD 3.2.
>
> The workaround at the time was to include the "-F rules" in the command to
> have it flush the current ruleset before loading the new one. Not sure if
> this is a long term fix or not but it worked for me.

That's not a viable long-term fix, because it's precisely what I'm trying to *avoid* by using the table. Before I used the table, I'd just do "pfctl -f /etc/pf.conf" to re-read the list of banned IP addresses from pf.conf, but whenever I do this, all of the existing connections lose their queues and get reassigned to the default queue. That's bad.

-- 
Greg Wooledge              |   "Truth belongs to everybody."
[EMAIL PROTECTED]          |    - The Red Hot Chili Peppers
http://wooledge.org/~greg/ |