Hi, I'm playing with the new rtable feature in login.conf(5) but it seems one use case doesn't trigger the rtable change.
I have a user called alice. If I ssh locally from my user to alice with "ssh alice@localhost", alice has the correct routing table. If I use "su -l alice" as root, then alice seems to be using rtable 0.

I have two rules in pf.conf to forbid alice from reaching the internet, so when I want to check whether it works, I simply run "dig openbsd.org @9.9.9.9": if it works, I'm using rtable 1 (openvpn); if not, it's using rtable 0.

    block return on rdomain 0 proto tcp user alice
    block return on rdomain 0 proto udp user alice

I think my configuration is fine.

file /etc/master.passwd:

    alice:*:1007:1007:alice:0:0:,,,:/home/alice:/bin/ksh

file /etc/login.conf:

    alice:\
            :rtable=1: