fixed in -current. it isn't exactly debug output, but it can be ignored.
On 2025/11/02 14:20, Jordan Geoghegan wrote: > Hello, > > I noticed a change in behaviour on 7.8 when testing if addresses are present > in a table. > If an address is not present, it will show the following: > > # pfctl -t bruteforce -T test 192.0.2.1 > 0/1 addresses match. > pfctl: DIOCSETLIMIT (states): Permission denied > pfctl: DIOCSETLIMIT (src-nodes): Permission denied > pfctl: DIOCSETLIMIT (frags): Permission denied > pfctl: DIOCSETLIMIT (tables): Permission denied > pfctl: DIOCSETLIMIT (table-entries): Permission denied > pfctl: DIOCSETLIMIT (pktdelay-pkts): Permission denied > pfctl: DIOCSETLIMIT (anchors): Permission denied > > > No such extra output is printed if an address is indeed present in the > table: > > # pfctl -t bruteforce -T test 192.0.2.5 > 1/1 addresses match. > > Prior to 7.8, no debug info was printed: > > # pfctl -t bruteforce -T test 192.0.2.1 > 0/1 addresses match. >
