Solved Persistent TABLES

byrnejb

byrnejb

I have this definition in /etc/pf.conf:

Code: 
table <WHITELIST> persist file "/var/db/pf/pf_white_list"

When I add an address using pfctl I can see it is there:
Code: 
[root@gway04 ~ (master)]# pfctl -t WHITELIST -T add 72.140.215.253
1/1 addresses added.
[root@gway04 ~ (master)]#  pfctl -t WHITELIST -T show
   72.140.215.253
But I do not see it in the persistent file:
Code: 
[root@gway04 ~ (master)]# ll /var/db/pf/pf_white_list
-rw-r--r--  1 root  wheel  0 May  2 12:52 /var/db/pf/pf_white_list
[root@gway04 ~ (master)]# cat /var/db/pf/pf_white_list
[root@gway04 ~ (master)]#


I obviously misunderstand this so I would appreciate very much if someone could explain this to me.
 
I believe you would add it to the file then use pfctl to reload it.
pfctl -t WHITELIST -T replace -f /var/db/pf/pf_white_list

Or:
if you use pfctl to add to the table then you need to take your show command and redirect to the file.
pfctl -t WHITELIST -T show > /var/db/pf/pf_white_list

The "persist" keyword is really "what happens to the table if there are no entries". Without it, an empty table will not exist if no rules reference it.
 
Thank you. In my experience 'persist' has been used to refer to disk storage and not to memory residence. So, I was misled as to what I thought pfctl should do.
 
  • Like
Reactions: mer
Code: 
     persist  The persist flag forces the kernel to keep the table even when
              no rules refer to it.  If the flag is not set, the kernel will
              automatically remove the table when the last rule referring to
              it is flushed.
From pf.conf(5)

mer said:
The "persist" keyword is really "what happens to the table if there are no entries". Without it, an empty table will not exist if no rules reference it.
Click to expand...
Not quite. The table can be empty. If there are no rules referring to the table the table is removed from memory. Unless you specify persist, then the table is kept in memory even if no rules are referring to it.
 
  • Like
Reactions: mer
You must log in or register to reply here.
Back
Top