Kernel panic with pf

Please post the output of
# pfctl -s memory

The last two numbers should be what you are looking for, maximums for number of tables and overall number of addresses in all tables. You can increase them in pf.conf(5), for example:

Code:
set limit tables 1000
set limit table-entries 500000
 
  • Thanks
Reactions: Ben
Thanks for this hint, seems it worked. At least it didn't panic after I set the limit higher. Anyway, now the table contains "only" 137507 IPs.
 
Good to hear that it helped. This should be reported via a PR to the developers. In my opinion exhausting the available table entries shouldn't panic the system. Include as much details as possible about your system and settings in your PR.
 
This is also my opinion.

Actually you should be able to set the number to 5 and then load 10 IPs. I will check if I have a system available which I can crash. We don't have too many FreeBSD 9 machines yet.
 
Everyday 12pm it crashed. Then I ran it manually and it crashed. After setting the new limits I ran it and it did not crash. So I activated the job again to see if it crashes again.

Tonight I will see...
 
Sure.

x.y-RELEASE is always cut from releng/x.y branch, which in its turn is cut from stable/x branch. For now, the releng/9.1 hasn't been cut yet.
 
glebius@ said:
Sure.

x.y-RELEASE is always cut from releng/x.y branch, which in its turn is cut from stable/x branch. For now, the releng/9.1 hasn't been cut yet.

Great, I see there were some issues with this commit in the mailing list :e
 
Back
Top