Date: Thu, 30 Nov 2006 14:03:57 -0200 From: "Gilberto Villani Brito" <linux@giboia.org> To: "Artyom Viklenko" <artem@aws-net.org.ua> Cc: FreeBSD <freebsd-pf@freebsd.org> Subject: Re: PF-NAT Message-ID: <6e6841490611300803y577338adqf52918ef13ca7605@mail.gmail.com> In-Reply-To: <55273.217.12.197.82.1164898183.squirrel@sigma.interami.com> References: <62972.217.12.197.82.1164883946.squirrel@sigma.interami.com> <6e6841490611300512t73dca3ddt106d58a3e63bc1f1@mail.gmail.com> <55273.217.12.197.82.1164898183.squirrel@sigma.interami.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Maybe this:
set limit option value
Set various limits on pf's operation.
* frags - maximum number of entries in the memory pool used
for packet reassembly (scrub rules). Default is 5000.
* src-nodes - maximum number of entries in the memory pool
used for tracking source IP addresses (generated by the sticky-address
and source-track options). Default is 10000.
* states - maximum number of entries in the memory pool used
for state table entries (filter rules that specify keep state).
Default is 10000.
or this:
set timeout option value
Set various timeouts (in seconds).
* interval - seconds between purges of expired states and
packet fragments. The default is 10.
* frag - seconds before an unassembled fragment is expired.
The default is 30.
* src.track - seconds to keep a source tracking entry in
memory after the last state expires. The default is 0 (zero).
Try change this options.
Gilberto
2006/11/30, Artyom Viklenko <artem@aws-net.org.ua>:
>
> <quote who="Gilberto Villani Brito">
> > Look this options: http://www.openbsd.org/faq/pf/options.html in your
> > pf.conf.
>
> Sorry, which option exactly you mention?
>
> >
> > Gilberto
> >
> > 2006/11/30, Artyom Viklenko <artem@aws-net.org.ua>:
> >> Hi, All!
> >>
> >> PF-NAT in FreeBSD does not support multiple
> >> instances of pptp connections from internal network.
> >>
> >> If it will be improved in some time in the future?
> >> What about using libalias in pf or if it possible
> >> to use ng_nat in pf?
> >>
> >> May be I'm klueless... please, point me in right
> >> direction. :)
> >>
> >> --
> >> Sincerely yours,
> >> Artyom Viklenko.
> >> -------------------------------------------------------
> >> artem@aws-net.org.ua | http://www.aws-net.org.ua/~artem
> >> FreeBSD: The Power to Serve - http://www.freebsd.org
> >>
> >>
> >> _______________________________________________
> >> freebsd-pf@freebsd.org mailing list
> >> http://lists.freebsd.org/mailman/listinfo/freebsd-pf
> >> To unsubscribe, send any mail to "freebsd-pf-unsubscribe@freebsd.org"
> >>
> > _______________________________________________
> > freebsd-pf@freebsd.org mailing list
> > http://lists.freebsd.org/mailman/listinfo/freebsd-pf
> > To unsubscribe, send any mail to "freebsd-pf-unsubscribe@freebsd.org"
> >
>
>
> --
> Sincerely yours,
> Artyom Viklenko.
> -------------------------------------------------------
> artem@aws-net.org.ua | http://www.aws-net.org.ua/~artem
> FreeBSD: The Power to Serve - http://www.freebsd.org
>
>
>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?6e6841490611300803y577338adqf52918ef13ca7605>