pfctl -i
Toomas Pelberg
toomas at detalem.cq.hk
Tue Aug 14 22:14:47 UTC 2007
pfctl man page says:
-i interface
Restrict the operation to the given interface.
..what exactly is meant under the word "operation" ?
My problem: I want to load a different ruleset for each interface
( jails ) and not care about what's in the ruleset as long as it doesn't
affect anything outside the jail ( which is bound to a specific ip on a
separate interface )
I tried loading pfctl -i lo1 -f test.fire which contained "block quick
all" ..which promptly killed everything :/
And no, it's not about using the loopback interface.. same goes for
"real" interfaces like nve & fxp. Neither does it restrict you from
loading "block quick on another_interface all" and still killing
everything..
OpenBSD seems to act the same, so it's probably not a porting bug.
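One way to get the per-interface isolation the post is after is to scope each jail's rules with an anchor that is itself restricted to the jail's interface, so that whatever gets loaded into the anchor is only ever evaluated for packets on that interface. The following is an added example, not part of the original post or of FreeBSD's own configuration; the interface names (fxp0, lo1), the anchor name "jail1" and the file path are assumptions.

```conf
# /etc/pf.conf  -- host ruleset (constructed example, names are assumptions)
ext_if  = "fxp0"   # the host's real interface
jail_if = "lo1"    # interface the jail's address is bound to

# Host policy for the real interface stays under the host's control.
block in on $ext_if
pass out on $ext_if keep state

# Only packets on lo1 are evaluated against the "jail1" anchor; packets on
# fxp0 (or any other interface) never enter it, so nothing loaded into the
# anchor can affect them.
anchor "jail1" on $jail_if

# --- /etc/pf.jail1.conf -- the ruleset loaded INTO the anchor (constructed):
#   block quick all
# Loaded from the host (not from inside the jail) with:
#   pfctl -a jail1 -f /etc/pf.jail1.conf
# Inside the anchor, "block quick all" only matches lo1 traffic, and a rule such
# as "block quick on fxp0 all" can never match because the anchor is not
# consulted for fxp0 packets in the first place.
```

The check after loading is `pfctl -a jail1 -s rules`, which shows what ended up inside the anchor, while `pfctl -s rules` shows that the host's own rules on $ext_if are unchanged. The anchor's `on $jail_if` condition, not the `-i` option of pfctl, is what confines the jail ruleset here.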