On Mon, Nov 07, 2022 at 04:09:44PM +0100, Alexandr Nedvedicky wrote:
> Hello,
>
> resending the same diff, just updated to current.
> (pointed out by dlg@)
Oh and this needs a pf.conf(5) update:
once Creates a one shot rule that will remove itself from an active
ruleset after the first match. In case this is the only rule in
the anchor, the anchor will be destroyed automatically after the
rule is matched.
Probably something like
1. "remove itself" -> "expire"
(I'd expect /expire in pf.conf(5) to lead me here)
2. anchors will now remain
3. maybe mention how expired rules are marked in pfctl (-v) output
