A short update on this one.
We have two identical boxes running pf in bridge mode. The boxes are
in parallel and we use the Cisco switch/routers to handle the
failover. Both the boxes receive the rulesets but only the 'active'
one generates the error.
I guess when all else fails we will
This afternoon pfctl started spitting out this message every time we
reload the rule set. So far as I can tell nothing substantial changed
at this point. Perhaps a new table was created or an IP added to an
existing table. (The ruleset is built from a database and there have
been quite a