PF Strange behavior in PF? (cannot allocate memory)

[Aknot]

I'm grateful there's people like you, even if it didn't work!! It was more than worth a try.
Thank's for the link, I have been there already, but I can't remember if I tried the kern.maxdsiz settings.

It might be far fetched, but I have my configuration files (.conf) in /usr/local/etc and basically every examples out there, points to /etc instead.
So, there are a few more things I could try, before giving up completely!

 

[Aknot]

This is what I ended up doing, to almost get it working, if someone having similar problems.
Still getting an error about an anchor during boot, and sometimes about memory allocation.

/etc/rc.conf

pf_enable="YES"
pf_rules="/usr/local/etc/pf.conf"
pflog_enable="YES"

/usr/local/etc/pf.conf

# table <ddos> persist file "/usr/local/etc/pf.ddos.list"
# Create table ddos without loading ips
table <ddos> persist
block in quick from <ddos> to any

/etc/rc.local

/sbin/pfctl -t ddos -T flush
/sbin/pfctl -t ddos -T replace -f /usr/local/etc/pf.ddos.list

crontab every 15 minutes

pfctl -t ddos -T flush 2>&1 | tee -a /var/log/ddosip.log
pfctl -t ddos -T replace -f /usr/local/etc/pf.ddos.list 2>&1 | tee -a /var/log/ddosip.log

# dmesg -a

/* message during boot */
Starting local daemons:0 addresses deleted.
pfctl: Anchor does not exist.
Server ready

 

[CeXP1917]

Even after moving net.pf.request_maxcount=2000000 to /boot/loader.conf

Is there pf_load="YES" in loader.conf?

 

[Aknot]

Is there pf_load="YES" in loader.conf?

No, that file only contains the following:

/boot/loader.conf

kern.geom.label.disk_ident.enable="0"
kern.geom.label.gptid.enable="0"
zfs_load="YES"

 

[CeXP1917]

No, that file only contains the following:

/boot/loader.conf

kern.geom.label.disk_ident.enable="0"
kern.geom.label.gptid.enable="0"
zfs_load="YES"

People say, that loading modules loader.conf sometime important, little chance that it can help.