> On 31. May 2021, at 11:03, Otto Moerbeek <o...@drijf.net> wrote:
>
> On Mon, May 31, 2021 at 10:32:56AM +0200, Heinrich Rebehn wrote:
>
>> Hi list,
>>
>> My /etc/pf.conf contains a table which is initialized from a file:
>>
>> table <myservers> file "/root/pf/tables/myservers"
>>
>> This table is not referred to in pf.conf, but in an anchor which is loaded
>> later on.
>> I found out that even when the anchor is loaded, the table does not exist.
>
> See the "persist" keyword in pf.conf.
>
> -Otto
Thanks, I should have known that. For some reason I figured that initializing
from a file would include “persist”, but that is nonsense.
-Heinrich
>
>>
>> # pfctl -t myservers -T show
>> pfctl: Table does not exist
>> # pfctl -sT
>> private
>> rtun0
>> rtun1
>> trusted
>>
>> If I load pf with "# pfctl -o none -f /etc/pf.conf", the table appears. If I
>> use
>>
>> set ruleset-optimization none
>>
>> it doesn’t.
>>
>> Is this expected behavior?
>>
>> Also rcctl(8) does not allow setting flags for pf
>>
>> # rcctl set pf flags "-o none"
>> rcctl: "pf" is a special variable, cannot "set flags"
>>
>> Workarounds would be setting the flag in /etc/rc.conf.local or adding "pfctl -o
>> none -f /etc/pf.conf" to rc.local
>>
>> Any thoughts?
>>
>> -Heinrich
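
An added example, not part of the original thread: a small Python lint for the situation discussed above, flagging tables that a pf.conf declares without `persist` and that no rule in the same file references. The function names, the sample ruleset and the simplified parsing (comments and backslash continuations only, no macro or include expansion, anchors loaded later are not seen) are assumptions.

```python
import re

TABLE_DECL = re.compile(r'^\s*table\s+<([^>]+)>(.*)$')
TABLE_REF = re.compile(r'<([A-Za-z_][\w-]*)>')

# Constructed sample ruleset, modelled on the thread (paths are made up).
SAMPLE = '''\
table <myservers> file "/root/pf/tables/myservers"
table <trusted> { 192.0.2.0/24 }
table <private> persist file "/etc/pf/private"
anchor "late/*"          # rules using <myservers> are loaded here later
pass in from <trusted>
'''

def logical_lines(text):
    """Yield lines with '#' comments stripped and '\\' continuations joined."""
    buf = ""
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].rstrip()
        if line.endswith("\\"):
            buf += line[:-1] + " "
            continue
        buf += line
        if buf.strip():
            yield buf
        buf = ""
    if buf.strip():
        yield buf

def unpersisted_unreferenced_tables(text):
    """Return names of tables declared without 'persist' that no rule uses."""
    declared = {}        # table name -> True if declared with persist
    referenced = set()   # table names used outside table declarations
    for line in logical_lines(text):
        m = TABLE_DECL.match(line)
        if m:
            # Drop quoted file names so a path containing "persist" is ignored.
            opts = re.sub(r'"[^"]*"', "", m.group(2))
            declared[m.group(1)] = bool(re.search(r"\bpersist\b", opts))
        else:
            referenced.update(TABLE_REF.findall(line))
    return sorted(n for n, keep in declared.items()
                  if not keep and n not in referenced)

if __name__ == "__main__":
    for name in unpersisted_unreferenced_tables(SAMPLE):
        print(f"table <{name}>: no 'persist' and no rule in this file uses it")
```
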