Am 20.10.2014 um 12:35 schrieb Henning Brauer <>:

> def: matched the implicit default rule
> short: the reason why the packet was dropped - it was shorter than it
> should have been, aka pbly truncated (or malicious). grep for
> PFRES_SHORT in sys/net/pf*.c for the exact cases.
> when you see packets being dropped referring to the default rule taht
> means as much as pf dropped it for non-rule based reasons, i. e. too
> short packets and the like, that usually happens before ruleset eval.
PGP-Key:29E99DD6  ☀ +49 151 2300 9283  ☀ computing @ chaos claudius

Reply via email to