kern.ipc.somaxconn should be high for a PF firewall with a lot of states

[Lowell Gilbert]

"Iantcho Vassilev" <ianchov at gmail.com> writes:

> kern.ipc.somaxconn is for handling more incoming connections,right?

Well, kind of.  It's a systemwide limit on the maximum number of
connections that a given socket can accept.

>                                                                     but does
> firewall connections are considered incoming?

No, not really.  But the question doesn't really make sense.  What are
you trying to do?

-- 
Lowell Gilbert, embedded/networking software engineer, Boston area
		http://be-well.ilk.org/~lowell/