Hello list,
I have the following pf.conf:
anchor quick {
pass
}
block
# pfctl -sr
anchor quick all {
pass all flags S/SA
}
block drop all
Because of the 'quick' i assumed, that 'block' is never reached, but it
is since 6.2.
man pf.conf(5) states:
"If the anchor itself is marked with the quick option, ruleset
evaluation will terminate when the anchor is exited if the packet is
matched by any rule within the anchor."
I tested with fresh installs of 6.1, 6.2, 6.3 and current via vmd and
6.1 does in fact behave as i would accept (that is, all packets
pass). From 6.2 on however, all packets are dropped.
Do i misread the manpage somehow?
Regards,
Fabian
