On Sun, Mar 24, 2019 at 09:24:34AM +0100, Alexandr Nedvedicky wrote: > I think all the above calls for a new standalone option, which I named as > 'Unconfigure'. Patch below suggest unconfigure behavior for PF. > Doing 'pfctl -U' will bring PF back to its initial state (e.g. right before > pf.conf got processed during the system boot). In case of PF the proposed -U > will do following: > - remove all rulesets and tables > - remove all states and source nodes > - remove all OS fingerprints > - set all limits, timeouts and options to their defaults >
Isn't -U pretty close to -Fall ?