On 8/7/07, Stuart Henderson <[EMAIL PROTECTED]> wrote:
> On 2007/08/07 15:46, Austin Murphy wrote:
> > If I made a new file with just the new rules and loaded it with
> > something like "pfctl -f two.pf.rules.conf", would all the existing
> > filter rules be dropped and would only the two new rules be in effect?
>
> Yes.
>
> > Let's say I updated the existing config file, /etc/pf.conf, with my
> > new rules. What would happen if I ran "pfctl -f /etc/pf.conf"?
>
> This would do what you want.
>
> > Would the existing state table be flushed?
>
> No. You'd need a -F <something> to flush things.
>
> > Would there be a point in this time frame where there were no
> > filter rules loaded and packets would get dropped?
>
> No.

This is exactly what I wanted to hear! I'll make sure to run the syntax checker too.

Thanks,
Austin