On Thu, Aug 15, 2019 at 11:20:53AM +0200, Alexandr Nedvedicky wrote:
> I don't have working PF by hand at the moment, so can't try the patch
> below. Does patch below solve the 'pfctl -Fa ...' glitch?
OK kn
Unless a non-default value is specified explicitly, the default value
should be eff
Hi Alexandr,
Indeed it does! The syncookies now gets disabled when removing or
commenting out the 'set syncookies always' line and flushing all rules
and states.
Jesper Wallin
On Thu, Aug 15, 2019 at 11:20:53AM +0200, Alexandr Nedvedicky wrote:
> Hello Jesper,
>
> thanks for the bugreport.
>
Hello Jesper,
thanks for the bugreport.
> The third issue is more about pf.conf(5). By default, the syncookies
> feature is disabled, meaning that if nothing is specified in my pf.conf,
> syncookies are disabled. However, if I add "set syncookies always" and
> flush everything (doas pfctl -F
