pfctl -P -ss -vv -- sometimes eats cpu and becomes unkillable

From: Özkan KIRIK <>
Date: Sat, 26 Jun 2021 22:38:54 +0300

pfctl -P -ss -vv command cannot finish and eats %100 of single core cpu
when number of states is over 50.000.
Even killall -9 pfctl doesn't help. process cannot be killed.

I'm using FreeBSD stable/12 that pulled at 2021-06-05.
State policy is configured as floating. I don't know if it matters
switching to if-bound.

Do you have any suggestions to overcome this problem?

Received on Sat Jun 26 2021 - 19:38:54 UTC

Original text of this message