On Tue, 7 Aug 2007 15:46:41 -0400 "Austin Murphy" <[EMAIL PROTECTED]> wrote:
> I inherited a "transparent" bridging firewall running
> OpenBSD 3.8 and pf. I would like to add two new filter
> rules without disrupting the current network traffic. The
> pfctl man page did not seem to indicate a way to load a
> single filter rule to a running configuration.
>
> If I made a new file with just the new rules and loaded
> it with something like "pfctl -f two.pf.rules.conf", would
> all the existing filter rules be dropped and would only the
> two new rules be in effect?
>
> Let's say I updated the existing config file, /etc/pf.conf,
> with my new rules. What would happen if I ran "pfctl
> -f /etc/pf.conf"?
>

I'd suggest "pfctl -n -f /etc/pf.conf"

> Would the existing state table be flushed? Would there be
> a point in this time frame where there were no filter rules
> loaded and packets would get dropped?
>
> Thanks,
>
> Austin
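
The dry-run check suggested in the reply, wrapped into a validate-then-load step; this is an added example, not part of the original thread. The function name `pf_safe_reload`, the `PFCTL` override and the default backup path are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: only load a pf ruleset after it has passed a parse check.
# PFCTL can be overridden (assumption, used for testing with a stub).
PFCTL="${PFCTL:-pfctl}"

# pf_safe_reload CONF [BACKUP]
#   1. parse CONF without loading it        (pfctl -n -f CONF)
#   2. save the currently loaded rules      (pfctl -sr > BACKUP)
#   3. load CONF into the running firewall  (pfctl -f CONF)
# Returns 0 on success, 1 if validation failed (nothing was loaded),
# 2 if the load itself failed.
pf_safe_reload() {
    conf="$1"
    backup="${2:-/tmp/pf.rules.running.$$}"   # hypothetical default path

    [ -r "$conf" ] || { echo "cannot read $conf" >&2; return 1; }

    # -n: parse the rules but do not load them
    if ! "$PFCTL" -n -f "$conf"; then
        echo "syntax check failed, running ruleset left untouched" >&2
        return 1
    fi

    # Keep a copy of the rules that are active right now, for reference.
    "$PFCTL" -sr > "$backup" 2>/dev/null ||
        echo "warning: could not save running rules" >&2

    if ! "$PFCTL" -f "$conf"; then
        echo "load failed; previous rules were saved in $backup" >&2
        return 2
    fi

    echo "loaded $conf; previous rules saved in $backup"
    return 0
}
```

Run it as root on the firewall, for example `pf_safe_reload /etc/pf.conf`, after sourcing the file.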