Large table issue
Виталий Владимирович
artemrts at ukr.net
Wed May 18 12:37:56 UTC 2011
--- Original Message ---
From: "quentin.narvor" <quentin.narvor at ensi-bourges.fr>
To: freebsd-pf at freebsd.org
Date: 18 May 2011, 14:03:14
Subject: Re: Large table issue
> I am trying to detect problems on hosts in my network: I want to
> detect when a communication occurs with a compromised host.
> I have built a blacklist which holds nearly 2 million IPs (spam,
> malware... hosts).
>
> But I can't load it into pf, I get this when I try :
>
> /etc/pf.conf:6: cannot define table bl: Cannot allocate memory
> pfctl: Syntax error in config file: pf rules not loaded
>
> I suspect there is a memory limitation somewhere (in the kernel?)
> which prevents me from loading the table, but I am not very comfortable
> with kernel variables.
> I have already tried modifying kern.maxssiz and kern.dflsiz without
> success.
>
> Any idea?
Maybe you should set this:
set limit table-entries 2000000
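
A pre-flight check for the failure discussed in this thread, as an added example that is not part of the original message: it counts the entries in a table file and compares them with the table-entries limit found in a pf.conf before the ruleset is loaded. The function names and file layout are hypothetical, and the fallback of 200000 entries when no limit is set is an assumption about pf's default.

```shell
#!/bin/sh
# Pre-flight check: will a blacklist file fit within pf's table-entries limit?
# Assumption: 200000 is the pf default when pf.conf sets no table-entries limit.
PF_DEFAULT_TABLE_ENTRIES=200000

# Count address entries in a table file (blank lines and # comments skipped).
count_entries() {
    grep -Ev '^[[:space:]]*(#|$)' "$1" | wc -l | tr -d ' '
}

# Print the table-entries limit set in a pf.conf, or the default if none.
# Handles "set limit table-entries N" and "set limit { ..., table-entries N }".
configured_limit() {
    n=$(grep -E '^[[:space:]]*set[[:space:]]+limit' "$1" |
        sed -nE 's/.*table-entries[[:space:]]+([0-9]+).*/\1/p' | tail -n 1)
    echo "${n:-$PF_DEFAULT_TABLE_ENTRIES}"
}

# Return 0 if the table file fits under the limit, 1 otherwise.
# Arguments: <table file> <pf.conf>
check_table_fits() {
    entries=$(count_entries "$1")
    limit=$(configured_limit "$2")
    if [ "$entries" -le "$limit" ]; then
        echo "ok: $entries entries, limit $limit"
        return 0
    fi
    echo "too large: $entries entries, limit $limit"
    echo "raise it with: set limit table-entries $entries (or higher)"
    return 1
}
```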