kern/103304: pf accepts nonexistent queue in rules
Jon Simola
jsimola at gmail.com
Tue Dec 12 12:28:33 PST 2006
The following reply was made to PR kern/103304; it has been noted by GNATS.
From: "Jon Simola" <jsimola at gmail.com>
To: bug-followup at freebsd.org
Cc:
Subject: Re: kern/103304: pf accepts nonexistent queue in rules
Date: Tue, 12 Dec 2006 11:55:03 -0800
This is by design. Queueing, Translation, and Packet Filtering are
seperate functions in PF, and they can be manipulated independantly of
each other. Flushing the queueing configuration should not leave the
filtering rules in an undetermined state, nor should filtering rules
that reference a queue that may not have been created yet. If you are
experiencing problems with queueing, it is certainly advantageous to
be able to disable it entirely by "pfctl -F queue" rather than having
to rewrite the entire ruleset and remove all references to queues.
PF also allows rules to specify non-existant interfaces, so that
hotplugging does not require reloading the ruleset.
More information about the freebsd-pf
mailing list