Date: Fri, 29 Apr 2022 17:30:27 +0000
From: bugzilla-noreply@freebsd.org
To: pf@FreeBSD.org
Subject: [Bug 263626] PF is unable to load more than 200000 entries
Message-ID: <bug-263626-16861-Op3AeAfFBU@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-263626-16861@https.bugs.freebsd.org/bugzilla/>
References: <bug-263626-16861@https.bugs.freebsd.org/bugzilla/>

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263626

Chris Hutchinson <portmaster@bsdforge.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |portmaster@bsdforge.com

--- Comment #1 from Chris Hutchinson <portmaster@bsdforge.com> ---
With 1,269,713 lines total in 58 tables and a total of a quarter billion IP
addresses entered in CIDR notation, I have only the following changes in
loader.conf(5)

net.pf.states_hashsize=65536
net.pf.source_nodes_hashsize=16384
net.pf.request_maxcount=2500000

and in pf.conf(5)

set limit table-entries 1700000
set limit states 600000

and I don't experience your trouble.

Were you ever able to load these tables? Are you able to load them during
boot? Or is this only a problem when attempting to REload them?
If it's re-load that is the problem, you have to understand that, generally
speaking, you require twice the memory to reload tables as to simply load
them.
You would probably do well to merge the files "/etc/spammers" and
"/etc/blocklist" into simply "/etc/BLOCKED" and use:

table <blocked> persist file "/etc/BLOCKED"

HTH

--Chris

-- 
You are receiving this mail because:
You are the assignee for the bug.
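
The merge suggested in the comment above, as an added example that is not part of the original message or of FreeBSD: it combines two table files into one list and goes a step further by collapsing duplicate, covered and adjacent prefixes so the merged table needs fewer entries. The function names and sample contents are constructed, the files are assumed to hold only plain addresses or CIDR prefixes, and applying the comment's twice-on-reload rule of thumb to the entry count is an assumption.

```python
import ipaddress

def parse_entries(lines):
    """Yield one network per pf table-file line, skipping blanks and # comments."""
    for raw in lines:
        text = raw.split("#", 1)[0].strip()
        if text:
            # Raises ValueError on anything that is not a plain address or CIDR.
            yield ipaddress.ip_network(text, strict=False)

def merge_tables(*sources):
    """Merge several table files into one sorted list with duplicates and
    covered or adjacent prefixes collapsed."""
    v4, v6 = [], []
    for lines in sources:
        for net in parse_entries(lines):
            (v4 if net.version == 4 else v6).append(net)
    # collapse_addresses() rejects mixed IP versions, so collapse each family.
    return (list(ipaddress.collapse_addresses(v4))
            + list(ipaddress.collapse_addresses(v6)))

def fits_limit(entries, table_entries_limit, reload=False):
    """Assumption: budget twice the entries for a reload, following the
    comment's rule of thumb, and compare with 'set limit table-entries'."""
    return entries * (2 if reload else 1) <= table_entries_limit

def render(nets):
    """Text for the merged file, one prefix per line."""
    return "".join(f"{net}\n" for net in nets)

# Constructed sample contents standing in for /etc/spammers and /etc/blocklist.
SPAMMERS = ["# constructed sample", "192.0.2.0/25", "192.0.2.128/25",
            "198.51.100.7", ""]
BLOCKLIST = ["198.51.100.7  # duplicate", "192.0.2.64/26", "203.0.113.0/24",
             "2001:db8::/33", "2001:db8:8000::/33"]

if __name__ == "__main__":
    merged = merge_tables(SPAMMERS, BLOCKLIST)
    print(render(merged), end="")
    print("entries:", len(merged),
          "fits on load:", fits_limit(len(merged), 200000),
          "fits on reload:", fits_limit(len(merged), 200000, reload=True))
```

Write the rendered text to the merged file and check the entry count against the configured limit before loading it.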