b6e6 Hitting pf states limit - The FreeBSD Forums
The FreeBSD Forums  

Go Back   The FreeBSD Forums > Server & Networking > Firewalls
Reload this Page Hitting pf states limit
Register FAQ Calendar Search Today's Posts Mark Forums Read

Firewalls IPFW, PF, IPF (but not limited) related discussion

Reply
 
Thread Tools Display Modes
  #1  
Old September 19th, 2012, 09:17
saznik saznik is offline
Junior Member
  
Join Date: Jun 2011
Posts: 16
Thanks: 4
Thanked 0 Times in 0 Posts
Default Hitting pf states limit
Hello, one of my FreeBSD 9 machines is nearly hitting the states limit. The machine had the limit 10000. Correct me if I'm wrong but I thought reading somewhere that the default states limit was increased to 30000 with FreeBSD 9? Other machines have the limit at 30000 using the default value. Strangely one machine has 20000 as the limit.

Now I increased the limit
Code:
set limit states 20000
OpenBSD Manual says the default is 10000. Searching the Internet didn't help me and I can't find anything saying something about a limit of 30000. Maybe someone can help me. Why is the limit on 2 machines different with default settings and is the default states limit 30000 in FreeBSD 9?
Reply With Quote
  #2  
Old September 19th, 2012, 16:34
DutchDaemon's Avatar
DutchDaemon DutchDaemon is offline
Administrator
  
Join Date: Nov 2008
Location: Rotterdam, the Netherlands
Posts: 9,849
Thanks: 30
Thanked 1,892 Times in 1,335 Posts
Default
The default state limit in pf is (still) 10,000 in FreeBSD 9. Any higher limit should be set in pf.conf.
__________________
FreeBSD Forums: Information for New Members | FreeBSD Forums Rules
FreeBSD Resources: The FreeBSD Handbook | Manuals | FAQ | Wiki
Before you post: How to ask questions the smart way
If you must know .. So, what does an Administrator/Moderator do?
---> Do not PM me with FreeBSD questions. I do not work here. <---
Reply With Quote
The Following User Says Thank You to DutchDaemon For This Useful Post:
saznik (September 20th, 2012)
  #3  
Old September 20th, 2012, 07:59
saznik saznik is offline
Junior Member
  
Join Date: Jun 2011
Posts: 16
Thanks: 4
Thanked 0 Times in 0 Posts
Default
That's a clear statement. Then I have to find out why the other machines have such a high limit. Because in pf.conf there is no limit defined and it should use defaults (10000).
Reply With Quote
  #4  
Old September 20th, 2012, 17:52
plamaiziere plamaiziere is offline
Member
  
Join Date: Jan 2009
Location: Rennes, France
Posts: 174
Thanks: 1
Thanked 39 Times in 29 Posts
Default
Quote:
Originally Posted by saznik View Post
That's a clear statement. Then I have to find out why the other machines have such a high limit
May be it was changed on the fly. With something like
Code:
echo 'set limit states 20000' | pfctl -mf -
Reply With Quote
Reply

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
what do all the states in top mean? wonslung General 11 November 9th, 2010 21:40
[Solved] Shutdown freeBSD completely, without hitting power button ccc General 11 September 14th, 2010 00:38
Undervolting Athlon II P-states? soobaerodude System Hardware 3 July 31st, 2010 16:03
PF limiting nat table states per ip kulawymoe Firewalls 3 June 12th, 2010 18:18
Can't shutdown FreeBSD without hitting power button triplesquarednine General 19 September 6th, 2009 04:46


All times are GMT +1. The time now is 11:46.

Contact Us - FreeBSD - Archive - Top

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2013, vBulletin Solutions, Inc.
The mark FreeBSD is a registered trademark of The FreeBSD Foundation and is used by The FreeBSD Project with the permission of The FreeBSD Foundation.
Web protection and acceleration provided by CloudFlare
0