I recently deployed an OpenBSD machine using pf to be a router/firewall for my home LAN, using NAT and sitting between our cable modem and our switch. It seems to work great.
But I just noticed an 'active' connection to a website... It's been open for 19 hours. 12KB of traffic has flowed over the connection, and the machine on the local end that initiated the connection is a laptop that's been offline for hours.
My question is twofold:
- Why hasn't this been dropped, after hours of inactivity?
- Short of restarting everything, is there a way to instruct PF to drop the connection / lose state information on it?