>Synopsis: pfctl -t tbl -T test addr_not_in_tbl gives errors
>Category: system
>Environment:
System : OpenBSD 7.8
Details : OpenBSD 7.8-current (GENERIC.MP) #10: Sun Oct 19 11:22:03
AEDT 2025
[email protected]:/sys/arch/amd64/compile/GENERIC.MP
Architecture: OpenBSD.amd64
Machine : amd64
>Description:
On 7.8 and -current (on all amd64 hosts tried),
"pfctl -t example -T test addr_not_in_example" results in errors:
0/1 addresses match.
pfctl: DIOCSETLIMIT (states): Permission denied
pfctl: DIOCSETLIMIT (src-nodes): Permission denied
pfctl: DIOCSETLIMIT (frags): Permission denied
pfctl: DIOCSETLIMIT (tables): Permission denied
pfctl: DIOCSETLIMIT (table-entries): Permission denied
pfctl: DIOCSETLIMIT (pktdelay-pkts): Permission denied
pfctl: DIOCSETLIMIT (anchors): Permission denied
>How-To-Repeat:
# pfctl -t example -T test addr_not_in_example
>Fix:
Unknown
