> Have your cron job copy the current anchor rules to pf-current.conf, > then add pfctl -f pf-current.conf to rc.local.
Thank you for the reply (and Gaby too). But I am not sure if this would be an elegant workaround. Because by chance there may be cron jobs scheduled to run exactly during downtime, and I would miss them. This is still true no matter how small the chances are.
