Pf Configuration Incompatible With Pf Program Version Online

He wrote his post-mortem at dawn. Title: "PF_CONFIG_VERSION vs. PF_PROGRAM_VERSION: A Case of Silent Deprecation."

Then the prayer:

pfctl -sr | grep "api_sources"

He VPN’d in, his coffee cold before he’d even poured it. The first command was ritual.

Silence. Then the gentle tick of the rule counter. pf configuration incompatible with pf program version

He never trusted -current again.

It was clean. It had worked for eighteen months. He squinted. Then he saw it. The version banner from the last system upgrade, buried four scrolls up: He wrote his post-mortem at dawn

He pulled up the man page on his laptop. pf.conf(5) . There it was, buried in the "Migration Notes" for 7.5: The from <list> syntax has been deprecated for non-route-related filter rules. Use an anchor or table for multiple source prefixes. Direct lists in a pass in rule will now raise a fatal syntax error. A fatal error. Not a warning. Not a "this might break." A stone-cold, refuse-to-start fatal error.