pfctl.8: mention -k source -k <IP>
Sponsored by: Rubicon Communications, LLC ("Netgate")
This commit is contained in:
+7
-2
@@ -43,7 +43,7 @@
|
||||
.Op Fl K Ar host | network
|
||||
.Xo
|
||||
.Oo Fl k
|
||||
.Ar host | network | label | id | gateway | nat
|
||||
.Ar host | network | label | id | gateway | source | nat
|
||||
.Oc Xc
|
||||
.Op Fl o Ar level
|
||||
.Op Fl p Ar device
|
||||
@@ -281,7 +281,7 @@ option may be specified, which will kill all the source tracking
|
||||
entries from the first host/network to the second.
|
||||
.It Xo
|
||||
.Fl k
|
||||
.Ar host | network | label | id | key | gateway | nat
|
||||
.Ar host | network | label | id | key | gateway | source | nat
|
||||
.Xc
|
||||
Kill all of the state entries matching the specified
|
||||
.Ar host ,
|
||||
@@ -290,6 +290,7 @@ Kill all of the state entries matching the specified
|
||||
.Ar id ,
|
||||
.Ar key ,
|
||||
.Ar gateway,
|
||||
.Ar source ,
|
||||
or
|
||||
.Ar nat.
|
||||
.Pp
|
||||
@@ -374,6 +375,10 @@ States can also be killed based on their pre-NAT address:
|
||||
.Pp
|
||||
.Dl # pfctl -k nat -k 192.168.0.1
|
||||
.Pp
|
||||
To remove a source from a source limiter use:
|
||||
.Pp
|
||||
.Dl # pfctl -I 1 -k source -k 192.0.2.2
|
||||
.Pp
|
||||
.It Fl M
|
||||
Kill matching states in the opposite direction (on other interfaces) when
|
||||
killing states.
|
||||
|
||||
Reference in New Issue
Block a user