Cardinality of ruleset

iMac-ant · September 18, 2020, 09:28:57 AM

Good morning to all, I have a question:

the number of rules in /tmp/rules.debug (starting from antispoof lof for <interface>) is grather than the number of rules obtained through pfctl -s rules. Why?

I'm just considering the default ruleset.

franco · September 18, 2020, 09:33:27 AM

The generated rules in /tmp/rules.debug are a "proposal" to pfctl, the ruleset obtained from pfctl is the one that is already cleaned up somewhat regardless of optimization state.

Cheers,
Franco

iMac-ant · September 18, 2020, 09:43:58 AM

What is the cleaning criteria of pfctl? Is there any anomaly, suach as dependency anomaly o redundancy anonmaly?

franco · September 18, 2020, 09:44:23 AM

You will have to consult the source code for this to be sure.

Cheers,
Franco

iMac-ant · September 18, 2020, 09:51:01 AM

Thank you very mych.

Antonio

Cardinality of ruleset

iMac-ant

September 18, 2020, 09:28:57 AM

franco

September 18, 2020, 09:33:27 AM #1

iMac-ant

September 18, 2020, 09:43:58 AM #2

franco

September 18, 2020, 09:44:23 AM #3

iMac-ant

September 18, 2020, 09:51:01 AM #4