already discussed with jmc, does anyone have comments regarding the descriptions of counters?
Index: pfctl.8 =================================================================== RCS file: /cvs/src/sbin/pfctl/pfctl.8,v retrieving revision 1.156 diff -u -p -r1.156 pfctl.8 --- pfctl.8 29 Sep 2012 01:41:01 -0000 1.156 +++ pfctl.8 13 Mar 2013 16:26:43 -0000 @@ -345,7 +345,7 @@ Show the filter parameters specified by .Ar modifier (may be abbreviated): .Pp -.Bl -tag -width xxxxxxxxxxxxx -compact +.Bl -tag -width xxxxxxxxxxxxxx -compact .It Fl s Cm queue Show the currently loaded queue rules. When used together with @@ -422,6 +422,45 @@ can be used to select an interface or a .It Fl s Cm all Show all of the above, except for the lists of interfaces and operating system fingerprints. +.El +.Pp +Counters shown with +.Fl s Cm info +are: +.Pp +.Bl -tag -width xxxxxxxxxxxxxx -compact +.It match +explicit rule match +.It bad-offset +currently unused +.It fragment +invalid fragments dropped +.It short +short packets dropped +.It normalize +dropped by normalizer: illegal packets +.It memory +memory could not be allocated +.It bad-timestamp +bad TCP timestamp; RFC 1323 +.It congestion +network interface queue congested +.It ip-option +bad IP/IPv6 options +.It proto-cksum +invalid protocol checksum +.It state-mismatch +packet was associated with a state entry, but sequence numbers did not match +.It state-insert +state insertion failure +.It state-limit +configured state limit was reached +.It src-limit +source node/connection limit +.It synproxy +dropped by synproxy +.It translate +no free ports in translation port range .El .It Fl T Ar command Op Ar address ... Specify the
