Hello,
mikeb@ and me were poking about same idea some time ago (?2016?). But the idea
never turned to diff. If I remember correct the only meaningful use case we
could come up with for once rules is [t]ftp-proxy. But neither one seems to use
once rules at all. I'm OK with removing 'once' rules. Fr
Hi,
PF supports 'one shot rules'. Quoting pf.conf(5) "once - Creates a one
shot rule that will remove itself from an active ruleset after the first
match."
I'd like to simplify pf by removing them, unless there's a compelling
reason not to.
Particularly as there is no 'first match' under conc
