diff options
| author | Alexandr Nedvedicky <sashan@cvs.openbsd.org> | 2016-09-03 17:11:41 +0000 |
|---|---|---|
| committer | Alexandr Nedvedicky <sashan@cvs.openbsd.org> | 2016-09-03 17:11:41 +0000 |
| commit | a0f857620c92283305dc854249628442d479ea86 (patch) | |
| tree | 04957589558e8df4d2545333c70f1ee38b05facb /sbin/pfctl/pfctl_parser.c | |
| parent | ff165273be5010fe0bb75ba92891345609de56d6 (diff) | |
Let purge thread to remove once rules, not packets.
Thanks mikeb@ for idea to add expire time.
OK mpi@, OK mikeb@
Diffstat (limited to 'sbin/pfctl/pfctl_parser.c')
| -rw-r--r-- | sbin/pfctl/pfctl_parser.c | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/sbin/pfctl/pfctl_parser.c b/sbin/pfctl/pfctl_parser.c index 31e82ef5a51..743a7908d59 100644 --- a/sbin/pfctl/pfctl_parser.c +++ b/sbin/pfctl/pfctl_parser.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pfctl_parser.c,v 1.307 2016/08/26 06:06:58 guenther Exp $ */ +/* $OpenBSD: pfctl_parser.c,v 1.308 2016/09/03 17:11:40 sashan Exp $ */ /* * Copyright (c) 2001 Daniel Hartmeier @@ -701,8 +701,12 @@ print_rule(struct pf_rule *r, const char *anchor_call, int opts) int verbose = opts & (PF_OPT_VERBOSE2 | PF_OPT_DEBUG); char *p; + if ((r->rule_flag & PFRULE_EXPIRED) && (!verbose)) + return; + if (verbose) printf("@%d ", r->nr); + if (r->action > PF_MATCH) printf("action(%d)", r->action); else if (anchor_call[0]) { |