Howdy List?
According to the man page on pfctl
"
-m Merge in explicitly given options without resetting those which
are omitted. Allows single options to be modified without dis-
turbing the others:
# echo "set loginterface fxp0" | pfctl -mf -
"
using the -m parm should allow allow a rule to be merged into the current set,
but when I run it, as spec'd in the man page, my ruleset is deletd.
Dhu
[EMAIL PROTECTED]:/etc] # pfctl -a '*' -sr
scrub in all fragment reassemble
block drop in all
block drop out all
pass out on bge0 inet from any to 192.168.1.0/24 flags S/SA keep state
pass in quick on bge0 inet from 192.168.1.0/24 to 192.168.1.44 flags S/SA keep
state
pass in on bge0 route-to (axe0 142.59.192.1) inet proto tcp from 192.168.1.0/24
to any flags S/SA modulate state
pass in on bge0 route-to (vr0 68.148.0.1) inet proto tcp from 192.168.1.46 to
any flags S/SA modulate state
pass in on bge0 route-to (axe0 142.59.192.1) inet proto udp from 192.168.1.0/24
to any keep state
pass in on bge0 route-to (axe0 142.59.192.1) inet proto icmp from
192.168.1.0/24 to any keep state
pass in inet proto icmp all icmp-type echoreq keep state
pass out on axe0 proto icmp all keep state
pass out on vr0 proto tcp all flags S/SA modulate state
pass out on vr0 proto udp all keep state
pass out on vr0 proto icmp all keep state
pass out on axe0 proto tcp all flags S/SA modulate state
pass out on axe0 proto udp all keep state
pass out on axe0 proto icmp all keep state
pass out on vr0 route-to (axe0 142.59.192.1) inet from 142.59.197.37 to any
flags S/SA keep state
pass out on axe0 route-to (vr0 68.148.0.1) inet from 68.148.0.251 to any flags
S/SA keep state
[EMAIL PROTECTED]:/etc] # echo 'set skip on lo' | pfctl -mf -
[EMAIL PROTECTED]:/etc] # pfctl -a '*' -sr
[EMAIL PROTECTED]:/etc] #
