From owner-freebsd-pf@freebsd.org  Wed Jun  8 10:47:52 2016
Return-Path: <owner-freebsd-pf@freebsd.org>
Delivered-To: freebsd-pf@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 497B8B6FC6D
 for <freebsd-pf@mailman.ysv.freebsd.org>; Wed,  8 Jun 2016 10:47:52 +0000 (UTC)
 (envelope-from emz@norma.perm.ru)
Received: from elf.hq.norma.perm.ru (unknown [IPv6:2a00:7540:1::5])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "mail.norma.perm.ru",
 Issuer "Vivat-Trade UNIX Root CA" (not verified))
 by mx1.freebsd.org (Postfix) with ESMTPS id BD6B61E3E
 for <freebsd-pf@freebsd.org>; Wed,  8 Jun 2016 10:47:51 +0000 (UTC)
 (envelope-from emz@norma.perm.ru)
Received: from bsdrookie.norma.com. (pc846408.norma.com [IPv6:fd00::73d] (may
 be forged))
 by elf.hq.norma.perm.ru (8.15.2/8.15.2) with ESMTPS id u58AlmqU024910
 (version=TLSv1.2 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO)
 for <freebsd-pf@freebsd.org>; Wed, 8 Jun 2016 15:47:48 +0500 (YEKT)
 (envelope-from emz@norma.perm.ru)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=norma.perm.ru; s=key;
 t=1465382868; bh=/HC0nl1h9M4rsIZClWaWLOWqXPbHTtmgN/vAhUJH4MM=;
 h=To:From:Subject:Date;
 b=JgP5hK+LRw/rTpMsgwQ2BY//wjN02xaNU2STvh1mLe5iduQqNHnD9/b92JIUCtaNY
 RkkHx7FoyjF2ehE4iC6i8V7pfGjmWTiIysoEihKKIyumCJP962bHJ1Srtr+10Kvw93
 m0xnfCa9o1scVhYdRrKDf5K6Yb5QWh9VFNNZEJWI=
To: freebsd-pf@freebsd.org
From: "Eugene M. Zheganin" <emz@norma.perm.ru>
Subject: cannot delete state, when the state is obviously present
Message-ID: <5757F7D4.2030405@norma.perm.ru>
Date: Wed, 8 Jun 2016 15:47:48 +0500
User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:38.0) Gecko/20100101
 Thunderbird/38.7.0
MIME-Version: 1.0
Content-Type: text/plain; charset=koi8-r
Content-Transfer-Encoding: 7bit
X-BeenThere: freebsd-pf@freebsd.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Technical discussion and general questions about packet filter
 \(pf\)" <freebsd-pf.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-pf>,
 <mailto:freebsd-pf-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-pf/>
List-Post: <mailto:freebsd-pf@freebsd.org>
List-Help: <mailto:freebsd-pf-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-pf>,
 <mailto:freebsd-pf-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Jun 2016 10:47:52 -0000

Hi.

Why it's often impossible to delete state from state table ?

Suppose I have a state:

all icmp 46.146.220.88:36386 <- 104.81.60.125:36386       0:0
   age 00:00:20, expires in 00:00:05, 2:2 pkts, 128:128 bytes, rule 43
   id: 0100000073bcdded creatorid: 1017b0dc

# pfctl -k id -k 0100000073bcdded
killed 0 states

And the state is still present after this.

Thanks.
Eugene.