From: Otto Moerbeek Subject: Re: typo in pf.conf.5 To: Damien Miller Cc: tech@openbsd.org Date: Fri, 9 Feb 2024 08:11:32 +0100 On Fri, Feb 09, 2024 at 05:59:09PM +1100, Damien Miller wrote: > Hi, > > I just noticed a typo in pf.conf(5). The code says: > > pfctl.c: { "pktdelay-pkts", PF_LIMIT_PKTDELAY_PKTS }, > > (i.e. hyphen, not underscore) > > ok? > > I'm also not able to get "set delay" doing anything visible, but maybe > I'm holding it wrong. In the diff you only change the -width parameter and not the actual .It line As using delay, I have used it with delaying DNS traffic with this snippet. I'm using no state, cause otherwise an existing state will ruin my delay attempt. pass out inet6 proto {tcp, udp} from any to port 53 no state pass out inet proto {tcp, udp} from any to port 53 no state pass in inet6 proto {tcp, udp} from any port 53 to any no state pass in inet proto {tcp, udp} from any port 53 to any no state pass out on egress proto {tcp, udp} from any to port 53 set delay 1000 no state # Delay list table const { 216.239.32.10 216.239.34.10 216.239.36.10 216.239.38.10 2001:4860:4802:32::a 2001:4860:4802:34::a 2001:4860:4802:36::a 2001:4860:4802:38::a } I hope I did not miss any other required line from pf.conf to make it work. -Otto > > Index: pf.conf.5 > =================================================================== > RCS file: /cvs/src/share/man/man5/pf.conf.5,v > diff -u -p -r1.600 pf.conf.5 > --- pf.conf.5 18 Nov 2022 18:11:10 -0000 1.600 > +++ pf.conf.5 9 Feb 2024 06:57:14 -0000 > @@ -1238,7 +1238,7 @@ See > for an explanation of memory pools. > .Pp > Limits can be set on the following: > -.Bl -tag -width pktdelay_pkts > +.Bl -tag -width pktdelay-pkts > .It Cm states > Set the maximum number of entries in the memory pool used by state table > entries (those generated by >