Mention tcp.tsdiff in pf.conf(5)
Hi all,

I noticed that tcp.tsdiff was specified in my pf.conf and got curious what pf.conf(5) said about it. To my surprise, it doesn't seem to mention it at all. I skimmed through and tried to find it in previous releases via man.openbsd.org but without any luck. The patch below adds a short description about what tcp.tsdiff does.

While I'm here and after reading some code and doing some testing, I learned that 'set optimization' is just an alias for various presets of tcp.first, tcp.established, tcp.closing, tcp.finwait, tcp.closed and tcp.tsdiff. This means that specifying these timeouts manually and using 'set optimization' is redundant, causing the last statement to overwrite the values by the statement that comes last. This is correct behaviour, but might cause unintuitive behaviour and is perhaps worth mentioning in pf.conf(5)?

Index: pf.conf.5 =================================================================== RCS file: /cvs/src/share/man/man5/pf.conf.5,v retrieving revision 1.600 diff -u -p -r1.600 pf.conf.5 --- pf.conf.5 18 Nov 2022 18:11:10 -0000 1.600 +++ pf.conf.5 13 Apr 2024 19:51:55 -0000 @@ -1486,6 +1486,8 @@ The state after the first packet. .It Cm tcp.opening Pq 30 seconds by default The state after the second packet but before both endpoints have acknowledged the connection. +.It Cm tcp.tsdiff Pq 30 seconds by default +Maximum allowed time difference between RFC1323-compliant packet timestamps. .El .Pp ICMP and UDP are handled in a fashion similar to TCP, but with a much more
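Review bot: The new tcp.tsdiff entry states what the value bounds but not what pf does with a packet whose timestamp falls outside it, and it sits in a list whose neighbouring entries each describe a connection state ("The state after the second packet ..."), so a reader cannot tell from the added text that this one is a tolerance rather than a state timeout. Suggest a second sentence under ".It Cm tcp.tsdiff" saying what happens when the difference is exceeded and which rules the check applies to. The message also points out that 'set optimization' presets tcp.tsdiff along with the other tcp.* timeouts and that whichever statement comes last wins; nothing in this hunk documents that, so it would be worth adding a line about the ordering here or in the 'set optimization' text as part of the same change.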