Hehe, I knew I'll get this reply. ;-) The question was which configuration is active, not what will be activated by pfctl -f /etc/pf.conf, that's the difference. I think that could help some people in multi-admin environments ;-)
Regards Hagen Volpers > -----Urspr|ngliche Nachricht----- > Von: Paul de Weerd [mailto:[EMAIL PROTECTED] > Gesendet: Freitag, 25. Juli 2008 22:37 > An: openbsd misc > Cc: misc@openbsd.org > Betreff: Re: pfctl > > On Fri, Jul 25, 2008 at 10:16:21PM +0200, openbsd misc wrote: > | Hi, > | > | interessting point. How about dumping it to a file or > something so you are > | able to check what was loaded last time (e.g. a file with 400 under > | /var/whatever)? > > GREAT IDEA ! > > How about /etc/pf.conf ? > > Cheers ! > > Paul 'WEiRD' de Weerd > > | Regards > | Hagen Volpers > | > | > | > -----Urspr|ngliche Nachricht----- > | > Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] > | > Im Auftrag von Stuart Henderson > | > Gesendet: Freitag, 25. Juli 2008 17:15 > | > An: Charlie Clark > | > Cc: misc@openbsd.org > | > Betreff: Re: pfctl > | > > | > On 2008/07/25 14:53, Charlie Clark wrote: > | > > Stuart Henderson wrote: > | > >> On 2008-07-25, Charlie Clark <[EMAIL PROTECTED]> wrote: > | > >> > | > >>> Hi, > | > >>> > | > >>> I have noticed that you are unable to view the > currently loaded > | > >>> options for pf using pfctl, even 'pfctl -sa' doesn't show the > | > >>> options eg. set skip on tun0. > | > >>> Is this going to be implemented soon or is it there and > | > I'm missing > | > >>> something? > | > >>> > | > >>> Regards, > | > >>> > | > >>> > | > >> > | > >> Someone asked about this recently. > | > >> http://marc.info/?l=openbsd-misc&w=2&r=1&s=set+skip+pfctl&q=b > | > >> > | > >> > | > >> > | > > Yes sorry I posted this by accident, I still haven't got a valid > | > > solution for this though. > | > > | > "set XX" options are a mix of directives to pf and to pfctl, > | > the pfctl directives don't get stored anywhere so you can't > | > retrieve them later. The ones affecting pf are available but > | > in a different format. > | > > -- > >++++++++[<++++++++++>-]<+++++++.>+++[<------>-]<.>+++[<+ > +++++++++++>-]<.>++[<------------>-]<+.--------------.[-] > http://www.weirdnet.nl/
