Hello, I'm fine with your pfctl.c change.
Although I like your brief version of manpage, wearing admin's hat, I'm somewhat missing line: > -k host | network | label | key | id so how about one small change below: --------8<---------------8<---------------8<------------------8<-------- --- pfctl.8.new.jason Sun Apr 23 12:10:00 2017 +++ pfctl.8.sashan Sun Apr 23 12:15:56 2017 @@ -224,7 +224,7 @@ .Fl K option may be specified, which will kill all the source tracking entries from the first host/network to the second. -.It Fl k Ar key +.It Fl k Ar host | network Kill all of the state entries originating from the host or network specified by .Ar key . @@ -239,6 +239,7 @@ .Pp .Dl # pfctl -k 0.0.0.0/0 -k host2 .Pp +.It Fl k Ar label | key | id It is also possible to kill states by rule label, state key, or state ID. In this mode the first .Fl k --------8<---------------8<---------------8<------------------8<-------- I don't insist on suggestion above, if you feel it is wrong/inconsistent go ahead and commit your patch as-is. thanks and regards sasha
