PF How to delete one rule in PF ?

[Purkuapas]

Hello,

From pfctl man page i know how to flush and disable/enable pf. But how can i remove from CLI only one rule, without full flushing and reload config file ?

For example, i add on-the-fly command for port forwarding:

echo 'rdr pass proto tcp from any to any port 37 -> 10.0.0.2' | pfctl -f -

And want to remove only this rule. It is possible ?

 

[ComradeSlice]

You can use "-T" to add or remove entries from tables. If you wanted to disable a rule applied to this table you could remove all of the entries. If you want some sort of command to "toggle" a port opening or closing I'd think it would be much easier to write a script to modify pf.conf and reload the rules.

 

[kpa]

Use anchors for dynamic rules. This is for OpenBSD but the anchor syntax is still the same:

https://www.openbsd.org/faq/pf/anchors.html