On Thu, Oct 28, 2021 at 12:15:45PM +0200, Jan Stary wrote:
> On Oct 28 11:55:33, [email protected] wrote:
> > Hi folks,
> >
> > my pf.conf contains
> >
> > table <spamd-white> persist file "/etc/mail/spamd-white"
> >
> > I understand that I can add and delete hosts from the table manually
> > later, but on very large tables this is pretty painful.
> > There is a high risk that the table has just been flushed
>
> Why would the table be flushed?
>
> > and is not up-to-date yet,
> > while the next EMail comes in.
>
> What do you mean by up to date
> and what does it have to do with the "pain"
> of adding addresses? An address is added when it is added.
>
> > table from file and hand it off to pf in an atomic operation?
>
> man pfctl says:
>
> For the add, delete, replace, and test commands, the list of
> addresses can be specified either directly on the command line
> and/or in an unformatted text file, using the -f flag.
>
> I don't know how atomic that is: is the table either empty
> or does it contain all the addresses in the file? I would
> guess the addresses are added as they are read, just like
> when you add them manually.
>
That is a wrong guess. pf tries to do things atomically when it makes
sense is the general rule.
-Otto
