I recently got the following error when running
So I increased and tuned the settings from 1500000 to the following:
set limit table-entries 2000000
net.pf.request_maxcount=2000000
That didn't work, I still got the "cannot allocate memory"-error.
(the table have 750 000 IP addresses, and the number is slowly increasing)
Then I checked the limits with
So after some fiddling, I tried 4500000, then it worked.
After running
Anyone know what could have happened?
Couldn't pf handle all the zeros from the set limit table-entries settings, or what?
service pf reload:
Code:
#service pf reload
/usr/local/etc/pf.conf:36: cannot define table ddos: Cannot allocate memory
pfctl: Syntax error in config file: pf rules not loadedSo I increased and tuned the settings from 1500000 to the following:
set limit table-entries 2000000
net.pf.request_maxcount=2000000
That didn't work, I still got the "cannot allocate memory"-error.
(the table have 750 000 IP addresses, and the number is slowly increasing)
Then I checked the limits with
pfctl -sm:
Code:
# pfctl -sm
states hard limit 100000
src-nodes hard limit 10000
frags hard limit 5000
table-entries hard limit 200000 <--- Note the missing zero
anchors hard limit 0
eth-anchors hard limit 0So after some fiddling, I tried 4500000, then it worked.
After running
pfctl -sm again, it showed the correct table-entries:
Code:
# pfctl -sm
...
table-entries hard limit 4500000
...Anyone know what could have happened?
Couldn't pf handle all the zeros from the set limit table-entries settings, or what?