Date:      Wed, 26 Nov 1997 18:43:55 -0800 (PST)
From:      Jaye Mathisen  <mrcpu@cdsnet.net>
To:        hackers@freebsd.org
Subject:   How many rules maximum in ipfw?  Oh wait, comment...
Message-ID:  <Pine.NEB.3.95.971126183425.5824U-100000@mail.cdsnet.net>

My ipfw -a list is coming out at exactly 1024 lines, which tain't
enough...  (and isn't showing all the rules I have defined).

I looked at ip_fw.h in /sys/netinet, and didn't see a constant that
limited the length of the rule chain.

Given that you can have rule numbers 65000, I would've assumed you could
really have that many rules.

Need more input...  Where is this sucker at?

I'm really only using it for IP accounting, not actually filtering
anything at this moment in time.

If it has an impact on run-time performance, perhaps it can be set in
make.conf ala TOP's user list?  Or in the kernel config file?

Oh wait, better check ipfw.  Yep, there it is, in list(ac,av). It
statically sets it to 1024...  Perhaps this can be raised to a higher
number in the source tree, or maybe user-definable as listed above, or
maybe a command-line parameter?  I'll hack it, just somebody tell me what
makes the most sense.





