Hi,
just run into the issue of a not documeted change in pf ;)
Sinc Rev. 1.196 of pf_ioctl.c killed states are no longer returned in
pfioc_state_kill.psk_af but instead in the new
pfioc_state_kill.psk_killed.
There are even more changes, but I guess they will be documented in
short time.
regards,
olli
Index: pf.4
===================================================================
RCS file: /cvs/src/share/man/man4/pf.4,v
retrieving revision 1.65
diff -u -r1.65 pf.4
--- pf.4 1 Sep 2009 13:44:01 -0000 1.65
+++ pf.4 10 Nov 2009 23:17:34 -0000
@@ -312,7 +312,7 @@
.It Dv DIOCKILLSTATES Fa "struct pfioc_state_kill *psk"
Remove matching entries from the state table.
This ioctl returns the number of killed states in
-.Va psk_af .
+.Va psk_killed .
.Bd -literal
struct pfioc_state_kill {
sa_family_t psk_af;
@@ -320,6 +320,7 @@
struct pf_rule_addr psk_src;
struct pf_rule_addr psk_dst;
char psk_ifname[IFNAMSIZ];
+ u_int psk_killed;
};
.Ed
.It Dv DIOCCLRSTATES Fa "struct pfioc_state_kill *psk"
