Hello,

I noticed a change in behaviour on 7.8 when testing if addresses are present in a table.
If an address is not present, it will show the following:

# pfctl -t bruteforce -T test 192.0.2.1
0/1 addresses match.
pfctl: DIOCSETLIMIT (states): Permission denied
pfctl: DIOCSETLIMIT (src-nodes): Permission denied
pfctl: DIOCSETLIMIT (frags): Permission denied
pfctl: DIOCSETLIMIT (tables): Permission denied
pfctl: DIOCSETLIMIT (table-entries): Permission denied
pfctl: DIOCSETLIMIT (pktdelay-pkts): Permission denied
pfctl: DIOCSETLIMIT (anchors): Permission denied


No such extra output is printed if an address is indeed present in the table:

# pfctl -t bruteforce -T test 192.0.2.5
1/1 addresses match.

Prior to 7.8, no debug info was printed:

# pfctl -t bruteforce -T test 192.0.2.1
0/1 addresses match.
