On Sat, Apr 28, 2007 at 06:35:09AM +0200, Tobias Freitag wrote: > Lets say I have an anchor in the main ruleset named "myanchor" and inside > this > anchor I put an overload rule like this: > > pass in on $int_if \ > keep state (max-src-conn 200, overload <ahosts>) > > then pf puts the ip addresses that exceed that limit in a table named > "ahosts" > and puts that table inside the anchor, which *could* be > addressed "myanchor/<ahosts>".
There is no syntax for that. If the main ruleset references the table, why try to define it in the anchor at all? Simply define the table in the main ruleset, and the anchors will use the global table (as long as you don't define a local table of the same name). Daniel
