Date: Mon, 11 Sep 2017 10:42:39 +0000 From: bugzilla-noreply@freebsd.org To: freebsd-pf@FreeBSD.org Subject: [Bug 222126] pf is not clearing expired states Message-ID: <bug-222126-17777-nklriph6Kr@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-222126-17777@https.bugs.freebsd.org/bugzilla/> References: <bug-222126-17777@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D222126 --- Comment #12 from noah.bergbauer@tum.de --- set limit { states 100000, src-nodes 10000 } One of my first attempts to fix this was increasing both limits 10x - didn't help though. # pfctl -vsi No ALTQ support in kernel ALTQ related functions disabled Status: Enabled for 1 days 14:44:53 Debug: Urgent Hostid: 0x4b1e78c2 Checksum: 0x67f2a9cbd7b0d65ce52864ecfc156ebb State Table Total Rate current entries 3839=20=20=20=20=20=20=20=20=20=20=20= =20=20=20=20 searches 360179452 2582.1/s inserts 594949 4.3/s removals 591110 4.2/s Source Tracking Table current entries 0=20=20=20=20=20=20=20=20=20=20=20= =20=20=20=20 searches 0 0.0/s inserts 0 0.0/s removals 0 0.0/s Counters match 689782 4.9/s bad-offset 0 0.0/s fragment 16 0.0/s short 0 0.0/s normalize 0 0.0/s memory 0 0.0/s bad-timestamp 0 0.0/s congestion 0 0.0/s ip-option 0 0.0/s proto-cksum 450 0.0/s state-mismatch 942 0.0/s state-insert 0 0.0/s state-limit 0 0.0/s src-limit 0 0.0/s synproxy 0 0.0/s map-failed 0 0.0/s Limit Counters max states per rule 0 0.0/s max-src-states 0 0.0/s max-src-nodes 0 0.0/s max-src-conn 0 0.0/s max-src-conn-rate 0 0.0/s overload table insertion 0 0.0/s overload flush states 0 0.0/s --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-222126-17777-nklriph6Kr>