Hi, just warn if you use Timeout and optimization on PF,
ok first example on pf.conf : set timeout tcp.established 86399 #set optimization normal#Without set optimization * !!! and pfctl -s timeout|grep established tcp.established 86399s ok second example and Warning on pf.conf : set timeout tcp.established 86399 set optimization normal and pfctl -s timeout|grep established tcp.established 86400s ok third example and Warning on pf.conf : set timeout tcp.established 86399 set optimization aggressive and pfctl -s timeout|grep established tcp.established 18000s .. Warn because set timeout *.* param are not used if you use "set optimization *". maybe add warning if "set timeout *" and "set optimization *" ? Best Regards Rmkml
