Hi,
I took a leap of faith and discovered some options not mentioned
in pf.conf(5). What do you think of this patch?
Index: share/man/man5/pf.conf.5
===================================================================
RCS file: /cvs/src/share/man/man5/pf.conf.5,v
retrieving revision 1.476
diff -u -r1.476 pf.conf.5
--- share/man/man5/pf.conf.5 19 May 2010 13:51:37 -0000 1.476
+++ share/man/man5/pf.conf.5 16 Dec 2010 09:49:23 -0000
@@ -1057,15 +1057,15 @@
.Pp
.Dl # pfctl -s info
.Pp
-In this example
+You can set on which interfaces
.Xr pf 4
-collects statistics on the interface named dc0:
+collects statistics with:
.Pp
-.Dl set loginterface dc0
+.Dl set loginterface [if|ifgroup|none|all]
.Pp
-One can disable the loginterface using:
+For example, you can enable logging both bge0 and bge1 with:
.Pp
-.Dl set loginterface none
+.Dl set loginterface bge
.It Ar set optimization
Optimize state timeouts for one of the following network environments:
.Pp
@@ -2608,7 +2608,7 @@
[ "optimization" [ "default" | "normal" | "high-latency" |
"satellite" | "aggressive" | "conservative" ] ]
[ "limit" ( limit-item | "{" limit-list "}" ) ] |
- [ "loginterface" ( interface-name | "none" ) ] |
+ [ "loginterface" ( interface-name | interface-group | "none"
| "all" ) ] |
[ "block-policy" ( "drop" | "return" ) ] |
[ "state-policy" ( "if-bound" | "floating" ) ]
[ "state-defaults" state-opts ]
# Han
