pfctl -Fs flushes the state table. Bear in mind this will drop your current ssh session to the firewall if that is how you access it.
pftop has a nice layout of the state table if you want to see which rules/stats are allowing traffic.

Axton Grams

On 3/8/06, Stuart Henderson <[EMAIL PROTECTED]> wrote:
> On 2006/03/07 23:08, Chris Zakelj wrote:
> > Aye. You're flushing rules and NAT, but not your state table. Since
> > the state is already established, rules aren't re-evaluated. Adding a
> > state flush ought to get AOL wiped out. Just be mindful that if you
> > have something going on (like an SSH session), those states will also
> > get nailed.
>
> Removing 'flags S/SA' from the pass rules should help there.