On 2010-02-23, Henning Brauer <lists-open...@bsws.de> wrote: > * Dan Harnett <dan...@harnett.name> [2010-02-23 17:19]: >> 'pfctl -t tablename -T expire NNNN' is also currently broken. >> Everything appears to be removed from the table immediately regardless >> of 'NNNN'. >> >> $ sudo cat /etc/pf.conf >> table <testing> persist counters >> >> $ sudo pfctl -vv -t testing -T add 172.16.1.8 172.16.1.9 >> 2/2 addresses added. >> A 172.16.1.8 >> A 172.16.1.9 >> >> $ sudo pfctl -vv -t testing -T expire 7200 >> 2/2 addresses expired. >> D 172.16.1.8 >> D 172.16.1.9 > > I don't remember any changes in that area lately so this puzzles me. > do we know when this breakage was introduced, approximately? >
I found a couple of boxes with May 2009 kernels where expire works as expected. I can't think of anything I have running code dated between then and now to pinpoint it any better than that (the downside of actually testing diffs ;-)
