From owner-freebsd-pf@FreeBSD.ORG Thu Nov 30 16:14:09 2006 Return-Path: X-Original-To: freebsd-pf@freebsd.org Delivered-To: freebsd-pf@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id E1B5F16A4FD for ; Thu, 30 Nov 2006 16:14:09 +0000 (UTC) (envelope-from linux@giboia.org) Received: from ug-out-1314.google.com (ug-out-1314.google.com [66.249.92.175]) by mx1.FreeBSD.org (Postfix) with ESMTP id ECC9C440C5 for ; Thu, 30 Nov 2006 16:03:53 +0000 (GMT) (envelope-from linux@giboia.org) Received: by ug-out-1314.google.com with SMTP id o2so1952401uge for ; Thu, 30 Nov 2006 08:03:57 -0800 (PST) Received: by 10.78.97.7 with SMTP id u7mr3695042hub.1164902637602; Thu, 30 Nov 2006 08:03:57 -0800 (PST) Received: by 10.78.175.17 with HTTP; Thu, 30 Nov 2006 08:03:57 -0800 (PST) Message-ID: <6e6841490611300803y577338adqf52918ef13ca7605@mail.gmail.com> Date: Thu, 30 Nov 2006 14:03:57 -0200 From: "Gilberto Villani Brito" To: "Artyom Viklenko" In-Reply-To: <55273.217.12.197.82.1164898183.squirrel@sigma.interami.com> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <62972.217.12.197.82.1164883946.squirrel@sigma.interami.com> <6e6841490611300512t73dca3ddt106d58a3e63bc1f1@mail.gmail.com> <55273.217.12.197.82.1164898183.squirrel@sigma.interami.com> Cc: FreeBSD Subject: Re: PF-NAT X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 30 Nov 2006 16:14:10 -0000 Maybe this: set limit option value Set various limits on pf's operation. * frags - maximum number of entries in the memory pool used for packet reassembly (scrub rules). Default is 5000. * src-nodes - maximum number of entries in the memory pool used for tracking source IP addresses (generated by the sticky-address and source-track options). Default is 10000. * states - maximum number of entries in the memory pool used for state table entries (filter rules that specify keep state). Default is 10000. or this: set timeout option value Set various timeouts (in seconds). * interval - seconds between purges of expired states and packet fragments. The default is 10. * frag - seconds before an unassembled fragment is expired. The default is 30. * src.track - seconds to keep a source tracking entry in memory after the last state expires. The default is 0 (zero). Try change this options. Gilberto 2006/11/30, Artyom Viklenko : > > > > Look this options: http://www.openbsd.org/faq/pf/options.html in your > > pf.conf. > > Sorry, which option exactly you mention? > > > > > Gilberto > > > > 2006/11/30, Artyom Viklenko : > >> Hi, All! > >> > >> PF-NAT in FreeBSD does not support multiple > >> instances of pptp connections from internal network. > >> > >> If it will be improved in some time in the future? > >> What about using libalias in pf or if it possible > >> to use ng_nat in pf? > >> > >> May be I'm klueless... please, point me in right > >> direction. :) > >> > >> -- > >> Sincerely yours, > >> Artyom Viklenko. > >> ------------------------------------------------------- > >> artem@aws-net.org.ua | http://www.aws-net.org.ua/~artem > >> FreeBSD: The Power to Serve - http://www.freebsd.org > >> > >> > >> _______________________________________________ > >> freebsd-pf@freebsd.org mailing list > >> http://lists.freebsd.org/mailman/listinfo/freebsd-pf > >> To unsubscribe, send any mail to "freebsd-pf-unsubscribe@freebsd.org" > >> > > _______________________________________________ > > freebsd-pf@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-pf > > To unsubscribe, send any mail to "freebsd-pf-unsubscribe@freebsd.org" > > > > > -- > Sincerely yours, > Artyom Viklenko. > ------------------------------------------------------- > artem@aws-net.org.ua | http://www.aws-net.org.ua/~artem > FreeBSD: The Power to Serve - http://www.freebsd.org > > >