-.\" $OpenBSD: pfctl.8,v 1.182 2022/11/14 09:56:09 jmc Exp $
+.\" $OpenBSD: pfctl.8,v 1.183 2022/11/18 18:11:10 kn Exp $
.\"
.\" Copyright (c) 2001 Kjell Wooding. All rights reserved.
.\"
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.Dd $Mdocdate: November 14 2022 $
+.Dd $Mdocdate: November 18 2022 $
.Dt PFCTL 8
.Os
.Sh NAME
.Fl v ,
the per-rule statistics (number of evaluations,
packets and bytes) are also shown.
+When used together with
+.Fl g
+or
+.Fl vv ,
+expired rules
+.Pq marked as Dq # expired
+are also shown.
Note that the
.Dq skip step
optimization done automatically by the kernel
-.\" $OpenBSD: pf.conf.5,v 1.599 2022/11/10 19:07:21 jmc Exp $
+.\" $OpenBSD: pf.conf.5,v 1.600 2022/11/18 18:11:10 kn Exp $
.\"
.\" Copyright (c) 2002, Daniel Hartmeier
.\" Copyright (c) 2003 - 2013 Henning Brauer <henning@openbsd.org>
.\" ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
.\" POSSIBILITY OF SUCH DAMAGE.
.\"
-.Dd $Mdocdate: November 10 2022 $
+.Dd $Mdocdate: November 18 2022 $
.Dt PF.CONF 5
.Os
.Sh NAME
100 per 10 seconds again.
.Pp
.It Cm once
-Creates a one shot rule.
-The first matching packet marks the rule as expired;
-any expired rules are no longer evaluated.
-Expired rules are only shown in verbose mode (-vv):
+Create a one shot rule.
+The first matching packet marks the rule as expired.
+Expired rules are skipped and hidden, unless
.Xr pfctl 8
-will append '# expired' to note any once rules which have already been hit.
+is used in debug or verbose mode.
.Pp
.It Cm probability Ar number Ns %
A probability attribute can be attached to a rule,
projects / openbsd / commitdiff