diff options
| author | Aaron Campbell <aaron@cvs.openbsd.org> | 2004-11-08 23:32:09 +0000 |
|---|---|---|
| committer | Aaron Campbell <aaron@cvs.openbsd.org> | 2004-11-08 23:32:09 +0000 |
| commit | 3c24cc498433dea4074850025060e396499eb1af (patch) | |
| tree | 2d8d565e7eb912f99775797f07f468d3e7db86f7 /share | |
| parent | 8b6109f0245d0784bfba8e7b8e962603cafd705a (diff) | |
Document "no scrub"; from jmc@, tweaked by me. dhartmei@ ok
Diffstat (limited to 'share')
| -rw-r--r-- | share/man/man5/pf.conf.5 | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/share/man/man5/pf.conf.5 b/share/man/man5/pf.conf.5 index dbd33692fa5..cf42f7bf6d0 100644 --- a/share/man/man5/pf.conf.5 +++ b/share/man/man5/pf.conf.5 @@ -1,4 +1,4 @@ -.\" $OpenBSD: pf.conf.5,v 1.303 2004/10/28 19:29:53 mcbride Exp $ +.\" $OpenBSD: pf.conf.5,v 1.304 2004/11/08 23:32:08 aaron Exp $ .\" .\" Copyright (c) 2002, Daniel Hartmeier .\" All rights reserved. @@ -643,6 +643,15 @@ For example, .Bd -literal -offset indent scrub in on $ext_if all fragment reassemble .Ed +.Pp +The +.Ar no +option prefixed to a scrub rule causes matching packets to remain unscrubbed, +much in the same way as +.Ar drop quick +works in the packet filter (see below). +This mechanism should be used when it is necessary to exclude specific packets +from broader scrub rules. .Sh QUEUEING Packets can be assigned to queues for the purpose of bandwidth control. |