On Tue, Feb 10, 2026 at 10:55:09PM +0100, Micha?? Markowski wrote: > Hi, > > While getting familiar with the new PF limiter functionality, I > noticed that explicit ID is required for each limiter definition, > e.g.: > state limiter "dns-server" id 1 limit 1000 > source limiter "internet" id 1 entries 10000 limit 1000 rate 100/10 > inet6 mask 64 > > Other PF objects like tables and queues are identified solely by name > in the configuration, without a separate numeric ID. > Is there any background on why the user-specified numeric ID for > limiters is needed, as opposed to being automatically derived > internally?
my intention is to sync utilisation of limiters between firewalls with pfsync, which means i need a consistent identifier on all the participating firewalls to use on the wire. cheers, dlg
