Date: Tue, 04 Oct 2011 23:39:48 +0200 From: Florian Smeets <flo@FreeBSD.org> To: "Bradley W. Dutton" <brad-fbsd-pf@duttonbros.com> Cc: freebsd-pf@FreeBSD.org Subject: Re: 9-BETA3 "current entries" growing indefinitely Message-ID: <4E8B7D24.107@FreeBSD.org> In-Reply-To: <20111004140605.Horde.FqODeklJCItOi3U9N79RPQs@duttonbros.com> References: <20111004140605.Horde.FqODeklJCItOi3U9N79RPQs@duttonbros.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 04.10.11 23:06, Bradley W. Dutton wrote: > Hi, > > I just updated an 8-STABLE box to 9-BETA3 and have a problem where PF > keeps growing the "current entries" indefinitely. I saw another person > with a similar issue: > http://groups.google.com/group/mailing.freebsd.current/browse_thread/thread/f350be446d1914d8?pli=1 > > But I didn't get any reply. > > I rebuilt world again once more after the initial 8-STABLE upgrade to > see if it would fix itself but no luck. My firewall rules haven't > changed and from what I've read I shouldn't need to change anything for > this update. Anyone have any ideas? Flusing states will clear out the 34 > states but won't clear the current entries. I've had to do the following > in pf.conf to keep my home router up for more than a day: > set limit states 1600000 # this used to be 30k > Hi, this is a known problem, and it's being worked on. A workaround is to use the pf module and not compile it into the kernel. HTH, Florian
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4E8B7D24.107>