Hi, I have a weird problem with pf nested anchors.

(18:31) [EMAIL PROTECTED]:~ %> sudo pfctl -s Anchors
0001
clients
(18:31) [EMAIL PROTECTED]:~ %> sudo pfctl -a "clients/test" -f rule
(18:32) [EMAIL PROTECTED]:~ %> sudo pfctl -s Anchors
0001
clients
test
(18:32) [EMAIL PROTECTED]:~ %> sudo pfctl -s Anchors -a clients
clients/0001
clients/foobar
clients/test
(18:32) [EMAIL PROTECTED]:~ %> cat rule
pass in quick on tun0 from 172.22.7.7 to <something> label "st:4:[EMAIL PROTECTED]:2:1:foo:in"
pass out quick on tun0 from <something> to 172.22.7.7 label "st:4:[EMAIL PROTECTED]:2:1:foo:out"
(18:32) [EMAIL PROTECTED]:~ %>

Why does it create global anchor 'test' while it should create just a nested anchor 'clients/test'?

I noticed this happens only if I use tables in rules for the nested anchor. However, it doesn't matter if these tables are local or global, defined or not, it doesn't make any difference.

Moreover, I cannot flush anchors created that way (usually "pfctl -a anchor -F all" removes anchors from the list, but it doesn't happen for the anchors created that way).

Is it expected behaviour or maybe I'm missing something? I've tested it on two boxes, both are 6.2-STABLE, one is i386 and the other is amd64.

Roman Bogorodskiy
