Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 18 Jun 2018 11:38:01 -0700
From:      "Chris H" <bsd-lists@BSDforge.com>
To:        "Kristof Provost" <kristof@sigsegv.be>
Cc:        "Miroslav Lachman" <000.fbsd@quip.cz>, "FreeBSD PF List" <freebsd-pf@freebsd.org>
Subject:   Re: Is there an upper limit to PF's tables?
Message-ID:  <e4e00c5405a23b4d5362a2cabf2b11fa@udns.ultimatedns.net>
In-Reply-To: <5C1BA1CA-5814-417F-BD9C-EC6E7F08588C@sigsegv.be>

next in thread | previous in thread | raw e-mail | index | archive | help

On Mon, 18 Jun 2018 12:08:33 +0200 "Kristof Provost" <kristof@sigsegv.be> said

> On 18 Jun 2018, at 0:19, Chris H wrote:
> > Sorry. Looks like I might be coming to the party a little late. But 
> > I'm
> > currently running a 9.3 box that runs as a IP (service) filter for 
> > much
> > of a network. While I've patched the box well enough to keep it safe 
> > to
> > continue running. I am reluctant to up(grade|date) it to 11, or 
> > CURRENT,
> > based on some of the information related to topics like this thread.
> > Currently, the 9.3 box maintains some 18 million entries *just* within
> > the SPAM related table. The other tables contain no less that 1 
> > million.
> > As it stands I have *no* trouble loading pf(4) with all of the tables
> > totaling some 20+ million entries, *even* when the BOX is working with
> > as little 4Gb ram.
> > Has something in pf(4) changed, since 9.3 that would now prevent me
> > from continuing to use my current setup, and tables?
> >
> No. There are no new limits in 11, and the only thing that *might* be an 
> issue is validation improvements in 12. Still, anything that worked on 9 
> is expected to work on 12 (if not, report a bug).
Thank you very much for the informative reply, Kristof!

> 
> Please don’t keep running unsupported versions.
You're reply leaves me little reason to think I need, or want to. :-)

Thanks, again!

--Chris
> 
> Regards,
> Kristof





Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?e4e00c5405a23b4d5362a2cabf2b11fa>