Hello, On Fri, Oct 24, 2025 at 11:15:37AM -0600, Theo de Raadt wrote: > Would it be unreasonable for pfctl_restore_limits() close(dev) and then dev = > -1?
the logic works that if all is good the main() closes /dev/pf device and
sets
file descriptor to -1 (dev = -1before its successful exit. This neuters the
atexit handler.
so it's the main() where device should be closed on success.
thanks and
regards
sashan
