limit & ruleset reload



Hi,
thanks to [email protected] I've understood that PF doesn't restore default values when 
loading a ruleset that doesn't set a limit.
-------pf1.conf----------------- 
pass in quick inet keep state (source-track global, max-src-states 3)
----------------------------------
# pfctl -f pf1.conf ; pfctl -s all
..
src-nodes		hard limit		10000
..
Now pf2 sets a lower limit:
-------pf2.conf----------------- 
set limit src-nodes 2000
pass in quick inet keep state (source-track global, max-src-states 3)
----------------------------------
# pfctl -f pf2.conf ; pfctl -s all
..
src-nodes		hard limit		2000
..
Again pf1
-------pf1.conf----------------- 
pass in quick inet keep state (source-track global, max-src-states 3)
----------------------------------
# pfctl -f pf1.conf ; pfctl -s all
..
src-nodes		hard limit		2000	<--- why not 10000 ?
..
Is this a bug or a feature ? ;-)
	Ed
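
A check for the situation described in the message above, as an added example that is not part of the original post: it compares a ruleset with saved pfctl output and reports limits the ruleset leaves unset while the running value differs from the expected default. The function names, the DEFAULTS list and the file names are assumptions made for this example; the default of 10000 is the value shown in the post's first pfctl output.

```shell
#!/bin/sh
# Added example, not from the original post.
# Expected default taken from the pfctl output quoted in the post; assumed to
# match the PF version in use. Extend the list as "name=value name=value".
DEFAULTS="src-nodes=10000"

# inherited_limits RULESET SAVED_PFCTL_OUTPUT
# Prints "NAME LIVE EXPECTED" for each limit the ruleset does not set
# whose live hard limit differs from the expected default.
inherited_limits() {
    awk -v defaults="$DEFAULTS" '
        BEGIN {
            n = split(defaults, d, " ")
            for (i = 1; i <= n; i++) { split(d[i], kv, "="); want[kv[1]] = kv[2] }
        }
        # Ruleset: record "set limit NAME VALUE" and the "{ a 1, b 2 }" form.
        FILENAME == ARGV[1] {
            sub(/#.*/, ""); gsub(/[{},]/, " ")
            if ($1 == "set" && $2 == "limit")
                for (i = 3; i < NF; i += 2) explicit[$i] = $(i + 1)
            next
        }
        # Saved pfctl output, lines such as "src-nodes  hard limit  2000".
        $2 == "hard" && $3 == "limit" && ($1 in want) &&
        !($1 in explicit) && $4 != want[$1] {
            print $1, $4, want[$1]
        }
    ' "$1" "$2"
}

# Constructed sample: pf1.conf from the post, checked against the limit
# that was left behind by pf2.conf.
demo() {
    tmp=$(mktemp -d) || return 1
    printf '%s\n' 'pass in quick inet keep state (source-track global, max-src-states 3)' > "$tmp/pf1.conf"
    printf 'src-nodes\t\thard limit\t\t2000\n' > "$tmp/live.txt"
    inherited_limits "$tmp/pf1.conf" "$tmp/live.txt"
    rm -rf "$tmp"
}

demo   # prints: src-nodes 2000 10000
```

On a live system, save the output of `pfctl -s all` to a file after loading the ruleset and pass that file as the second argument.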