svn commit: r330105 - head/etc/rc.d

Kristof Provost kp at FreeBSD.org
Wed Feb 28 16:24:39 UTC 2018


On 28 Feb 2018, at 22:04, Rodney W. Grimes wrote:
> So might it be better to correct what it was attempting to do,
> and wrap that in a conditional?   I may or may not want this
> to exist after a reload, and that should be my option, alternative
> is for me to either edit this file, or write my own. Or having
> to execute a bunch of -F commands by hand.
>
> It was clearly the intent of the original author to have these
> flushed, fixing the mistake by removing the flushes is one way
> to fix it.  I am asking for consideration on that there is another
> desired solution, and that both can exist with a simple knob.
>
Yes, but what was originally attempted was to keep the existing connections.
This is currently the case. There’s no point to flushing anything before
loading the new rules.

If you want to be able to choose whether or not to keep the existing
connections we could add a conditional `pfctl -F states`, but you can already
accomplish this by calling `/etc/rc.d/pf restart` rather than `/etc/rc.d/pf
reload`. I'm not sure it's worth adding a new knob.

Regards,
Kristof

