On Mon, Mar 15, 2010 at 12:54:09PM +0100, Toni Mueller wrote: > > Not using "-R" is not too good, either, as on this particular box, > reloading everything results in a severance of all existing > connections. A clarification in the docs is imho the way to go. My > 'nroff' is almost nonexistant, but here's a diff: > > > --- pfctl.8.orig Wed Jun 11 09:23:36 2008 > +++ pfctl.8 Mon Mar 15 12:53:04 2010 > @@ -354,7 +354,9 @@ > Only print errors and warnings. > .It Fl R > Load only the filter rules present in the rule file. > -Other rules and options are ignored. > +Other rules and options are ignored. If you are using > +tables, you need to also specify one of "-T load" or > +"-o none". > .It Fl r > Perform reverse DNS lookups on states when displaying them. > .It Fl s Ar modifier >
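Review bot: In the added lines under `.It Fl R`, the options are written as quoted literals ("-T load", "-o none") while the surrounding context marks flags up with mdoc macros (`.It Fl R`, `.It Fl r`, `.It Fl s Ar modifier`), so the new text will not render like the rest of the page; consider `.Fl T Cm load` and `.Fl o Cm none` instead. The new sentence also begins on the same source line as "Other rules and options are ignored."; starting it on its own line would give the usual sentence spacing in the formatted output. Finally, the wording says the reader needs one of the two options when using tables but not what each one changes, and "-o none" has no evident connection to table loading in the visible text, so a short clause explaining why it is an alternative would help.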
doesn't "Other rules and options are ignored." already cover this? furthermore, since -T has a load command, should we really expect -R to load tables? i don't see that it needs to be more explicit. jmc