Hello, diff below updates pf(4) manpage to reflect changes [1] which were committed earlier today.
does update to pf(4) read OK? thanks and regards sashan [1] https://marc.info/?l=openbsd-cvs&m=168848058603797&w=2 https://marc.info/?l=openbsd-cvs&m=168847042626997&w=2 --------8<---------------8<---------------8<------------------8<-------- diff --git a/share/man/man4/pf.4 b/share/man/man4/pf.4 index 92eeb45f657..305c536b137 100644 --- a/share/man/man4/pf.4 +++ b/share/man/man4/pf.4 @@ -48,12 +48,25 @@ and retrieve statistics. The most commonly used functions are covered by .Xr pfctl 8 . .Pp -Manipulations like loading a ruleset that involve more than a single +Operations like loading or reading a ruleset that involve more than a single .Xr ioctl 2 call require a so-called .Em ticket , -which prevents the occurrence of -multiple concurrent manipulations. +which allows +.Xr pf 4 +to deal with concurrent operations. +For certain +.Xr ioctl 2 +commands (currently +.Dv DIOCGETRULES ) +the number of tickets application can obtain is limited. +The application must explicitly release the ticket using +.Dv DIOCXEND +command to avoid hitting the limit. +All tickets which are not freed by +.Dv DIOCXEND +are released when application closes +.Pa /dev/pf . .Pp Fields of .Xr ioctl 2 @@ -132,6 +145,9 @@ for subsequent calls and the number .Va nr of rules in the active ruleset. +The ticket should be released by +.Dv DIOCXEND +command. .It Dv DIOCGETRULE Fa "struct pfioc_rule *pr" Get a .Va rule @@ -792,6 +808,10 @@ inactive rulesets since the last .Dv DIOCXBEGIN . .Dv DIOCXROLLBACK will silently ignore rulesets for which the ticket is invalid. +.It Dv DIOCXEND Fa "u_int32_t *ticket" +Release ticket obtained by +.Dv DIOCGETRULES +command. .It Dv DIOCSETHOSTID Fa "u_int32_t *hostid" Set the host ID, which is used by .Xr pfsync 4
