From owner-freebsd-pf@freebsd.org Sun Dec 13 09:37:06 2020 Return-Path: Delivered-To: freebsd-pf@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 41FD74B3438 for ; Sun, 13 Dec 2020 09:37:06 +0000 (UTC) (envelope-from segreteria@delluomo-morettin.com) Received: from gateway23.websitewelcome.com (gateway23.websitewelcome.com [192.185.49.180]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4Ctzv60ttqz3NpB for ; Sun, 13 Dec 2020 09:37:05 +0000 (UTC) (envelope-from segreteria@delluomo-morettin.com) Received: from cm14.websitewelcome.com (cm14.websitewelcome.com [100.42.49.7]) by gateway23.websitewelcome.com (Postfix) with ESMTP id 72EC746B1 for ; Sun, 13 Dec 2020 03:37:04 -0600 (CST) Received: from box2137.bluehost.com ([70.40.222.133]) by cmsmtp with SMTP id oNoOkS83dsvw9oNoOkxbwe; Sun, 13 Dec 2020 03:37:04 -0600 X-Authority-Reason: nr=8 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=delluomo-morettin.com; s=default; h=Content-Transfer-Encoding:Content-Type: In-Reply-To:MIME-Version:Date:Message-ID:Cc:From:References:To:Subject:Sender :Reply-To:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help: List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=hVMdjLi3f9gTEZ795TLa9L17mwdrD0SLSewDaYVlmMM=; b=AYoOhQAt54Gf50ME5h+qZnDszt dfa5NrMcNpokXEgZ/xtsgZpnW6vIk60k64VlZBmsE8uXYdQq5xWCf75GUosRts88Xi8kYq3m9aFyJ mJvIrria64UwUqwlhHVqtrVrPf1Dze47px6K4M79RNHSQbQalMh4F/W5xCrHPRg5PsRrGRvXfzMF0 HtHVvGvb050hhe364osUcr0s9x6Yp+tCiOpvAzyJaE0ySH9VKHZJTiGorXMMTfrb8OK7pk6H1bN+W TnXmCZybFZtmdZNJ6vKJO0xlZ477YYb8mvNPTG+AoBPRYy/xWNZwqFKmxNiY0RJ8UdFf+zvS6NjzX SdavBw8Q==; Received: from [2.224.154.24] (port=36117 helo=puffy.delluomo-morettin.local) by box2137.bluehost.com with esmtpsa (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (Exim 4.93) (envelope-from ) id 1koNoN-00495O-Pt; Sun, 13 Dec 2020 02:37:03 -0700 Subject: Re: net.pf.request_maxcount not working after upgrading from 12.1-RELEASE to 12.2 RELEASE. To: Kristof Provost , franco@lastsummer.de References: <02311a9b-e669-0071-f47e-fc1701749213@delluomo-morettin.com> <7394e747-7741-daa8-cf07-4aed2eee76d1@delluomo-morettin.com> <83A03723-37EE-4462-B9A9-2F9B48114F7A@lastsummer.de> From: Segreteria Cc: freebsd-pf@freebsd.org Message-ID: <0487b724-8e53-8fc5-58c7-182ca33c4071@delluomo-morettin.com> Date: Sun, 13 Dec 2020 10:37:01 +0100 User-Agent: Mozilla/5.0 (X11; OpenBSD amd64; rv:78.0) Gecko/20100101 Thunderbird/78.5.1 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit Content-Language: it X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - box2137.bluehost.com X-AntiAbuse: Original Domain - freebsd.org X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12] X-AntiAbuse: Sender Address Domain - delluomo-morettin.com X-BWhitelist: no X-Source-IP: 2.224.154.24 X-Source-L: No X-Exim-ID: 1koNoN-00495O-Pt X-Source: X-Source-Args: X-Source-Dir: X-Source-Sender: (puffy.delluomo-morettin.local) [2.224.154.24]:36117 X-Source-Auth: segreteria@delluomo-morettin.com X-Email-Count: 3 X-Source-Cap: ZGVsbHVvbW87ZGVsbHVvbW87Ym94MjEzNy5ibHVlaG9zdC5jb20= X-Local-Domain: yes X-Rspamd-Queue-Id: 4Ctzv60ttqz3NpB X-Spamd-Bar: ---- Authentication-Results: mx1.freebsd.org; none X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[] X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 13 Dec 2020 09:37:06 -0000 Thank you both Franco and Kristof. I was not able to make pf work with big tables without workarounds of some kind. Tuning net.pf.request_maxcount in sysctl.conf was not working because this kernel parameter was raised after pf started: so, after boot, I had pf not enabled (because table was too big and this lead to an error) but with kernel parameter set as I meant. Best regards. Nicola Il 12/12/20 21:15, Kristof Provost ha scritto: > On 12 Dec 2020, at 15:07, Franco Fichtner wrote: >>> There's no reason for this to be a tunable. It's perfectly safe to >>> change this at runtime. >> >> Well, RWTUN would have enabled both boot and runtime which is also >> "perfectly safe".  :) >> > Good idea. Done in 368588. > > I expect to be bothering people about an EN for the vnet/epair issue > next week, I’ll see if I can include this in the bothering. > > Best regards, > Kristof > _______________________________________________ > freebsd-pf@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-pf > To unsubscribe, send any mail to "freebsd-pf-unsubscribe@freebsd.org"