D46932.diff
No OneTemporary
Actions

Size

1 KB

Referenced Files

None

Subscribers

None

D46932.diff
View Options

	diff --git a/share/man/man5/pf.conf.5 b/share/man/man5/pf.conf.5
	--- a/share/man/man5/pf.conf.5
	+++ b/share/man/man5/pf.conf.5
	@@ -27,7 +27,7 @@
	.\" ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
	.\" POSSIBILITY OF SUCH DAMAGE.
	.\"
	-.Dd September 6, 2024
	+.Dd October 2, 2024
	.Dt PF.CONF 5
	.Os
	.Sh NAME
	@@ -2432,7 +2432,7 @@
	.It Ar max Aq Ar number
	Limits the number of concurrent states the rule may create.
	When this limit is reached, further packets that would create
	-state will not match this rule until existing states time out.
	+state are dropped until existing states time out.
	.It Ar no-sync
	Prevent state changes for states created by this rule from appearing on the
	.Xr pfsync 4
	@@ -2514,6 +2514,9 @@
	The connection rate is an approximation calculated as a moving average.
	.El
	.Pp
	+When one of these limits is reached, further packets that would create
	+state are dropped until existing states time out.
	+.Pp
	Because the 3-way handshake ensures that the source address is not being
	spoofed, more aggressive action can be taken based on these limits.
	With the