packet filter info states
Add kill function after each line of connection
we can use pfctl -k to kill some state
Of course, it is also possible to add a one-key block function to each connection
-K host | network
Kill all of the source tracking entries originating from the specified host
or network. A second -K host or -K network option may be specified, which
will kill all the source tracking entries from the first host/network to the
second.
-k host | network
Kill all of the state entries originating from the specified host or network.
A second -k host or -k network option may be specified, which will kill all
the state entries from the first host/network to the second. For example, to
kill all of the state entries originating from ``host'':
# pfctl -k host
To kill all of the state entries from ``host1'' to ``host2'':
# pfctl -k host1 -k host2
To kill all states originating from 192.168.1.0/24 to 172.16.0.0/16:
# pfctl -k 192.168.1.0/24 -k 172.16.0.0/16
A network prefix length of 0 can be used as a wildcard. To kill all states
with the target ``host2'':
# pfctl -k 0.0.0.0/0 -k host2
packet filter info states
Add kill function after each line of connection
we can use pfctl -k to kill some state
Of course, it is also possible to add a one-key block function to each connection
-K host | network
Kill all of the source tracking entries originating from the specified host
or network. A second -K host or -K network option may be specified, which
will kill all the source tracking entries from the first host/network to the
second.
-k host | network
Kill all of the state entries originating from the specified host or network.
A second -k host or -k network option may be specified, which will kill all
the state entries from the first host/network to the second. For example, to
kill all of the state entries originating from ``host'':