Date: Tue, 16 Jan 2018 10:23:54 +0000 From: bugzilla-noreply@freebsd.org To: freebsd-pf@FreeBSD.org Subject: [Bug 209475] pf didn't check if enough free RAM for net.pf.states_hashsize Message-ID: <bug-209475-17777-glWRnAKUw7@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-209475-17777@https.bugs.freebsd.org/bugzilla/> References: <bug-209475-17777@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D209475 --- Comment #15 from Kristof Provost <kp@freebsd.org> --- (In reply to fehmi noyan isi from comment #14) > So, does this come down to supplying a default value and re-attempting ma= lloc() again? I was thinking in that direction as well, yes. It's either that, or not activating pf at all. Running it with a smaller state table might not be id= eal, but it's bound to be a lot better than running without firewall at all. > Yes, that might help to avoid this bug, but I do not think FreeBSD has ma= llocarray()? It does now. It was added very recently (in head). man 9 mallocarray. It mi= ght be worth doing that change in a separate commit. --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-209475-17777-glWRnAKUw7>