Date: Wed, 18 May 2011 15:37:53 +0300
From: Виталий Владимирович <artemrts@ukr.net>
To: "quentin.narvor" <quentin.narvor@ensi-bourges.fr>
Cc: freebsd-pf@freebsd.org
Subject: Re: Large table issue
Message-ID: <E1QMg0f-0006p0-Iy@ffe2.ukr.net>
In-Reply-To: <390946c3b25ae3d887574555a494cb42@ensi-bourges.fr>
References: <390946c3b25ae3d887574555a494cb42@ensi-bourges.fr>

--- Original Message ---
From: "quentin.narvor" <quentin.narvor@ensi-bourges.fr>
To: freebsd-pf@freebsd.org
Date: 18 May 2011, 14:03:14
Subject: Re: Large table issue

> I am trying to detect problems on hosts in my network: I want to
> detect when a communication occurs with a compromised host.
> I have built a blacklist which holds nearly 2 million IPs (spam,
> malware.... hosts).
>
> But I can't load it into pf, I get this when I try:
>
> /etc/pf.conf:6: cannot define table bl: Cannot allocate memory
> pfctl: Syntax error in config file: pf rules not loaded
>
> I suspect there is a memory limitation somewhere (in the kernel ??)
> which prevents me from loading the table but I am not very comfortable
> with kernel variables.
> I have already tried modifying kern.maxssiz and kern.dflsiz without
> success.
>
> Any idea?

Maybe you should set this:
set limit table-entries 2000000
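
A pre-flight check for the situation discussed in this thread, added here as an example and not part of either message: it counts the entries in a table file and compares that with the `table-entries` hard limit reported by `pfctl -sm`, printing the `set limit` line only when the limit is too low. The function names, the sample addresses and the sample limit value are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: check whether a pf table file fits under the
# current table-entries limit before reloading the ruleset.

# Count usable entries in a table file: '#' comments and blank
# lines do not count.
count_entries() {
    awk '{ sub(/#.*/, "") } NF { n++ } END { print n + 0 }' "$1"
}

# Read `pfctl -sm` output on stdin, print the table-entries hard limit.
current_limit() {
    awk '$1 == "table-entries" { print $NF }'
}

# $1 = number of entries, $2 = current limit.
# Prints the pf.conf line to add, or nothing if the limit suffices.
suggest_limit() {
    if [ "$1" -gt "$2" ]; then
        echo "set limit table-entries $1"
    fi
}

if [ "$#" -ge 1 ]; then
    # Real run on a pf host: sh check.sh <table-file>
    suggest_limit "$(count_entries "$1")" "$(pfctl -sm | current_limit)"
else
    # Offline demo on constructed data (documentation addresses,
    # constructed limit output).
    sample=$(mktemp)
    printf '%s\n' '# constructed sample blacklist' \
        '192.0.2.10' '' '198.51.100.0/24  # constructed' \
        '203.0.113.7' > "$sample"
    limit=$(printf '%s\n' 'tables        hard limit     1000' \
        'table-entries hard limit   200000' | current_limit)
    echo "entries: $(count_entries "$sample"), limit: $limit"
    suggest_limit "$(count_entries "$sample")" "$limit"
    rm -f "$sample"
fi
```
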
