pfctl -P -ss -vv -- sometimes eats cpu and becomes unkillable

From: Özkan KIRIK <ozkan.kirik_at_gmail.com>
Date: Sat, 26 Jun 2021 22:38:54 +0300
Hi,

pfctl -P -ss -vv command cannot finish and eats %100 of single core cpu
when number of states is over 50.000.
Even killall -9 pfctl doesn't help. process cannot be killed.

I'm using FreeBSD stable/12 that pulled at 2021-06-05.
State policy is configured as floating. I don't know if it matters
switching to if-bound.

Do you have any suggestions to overcome this problem?

Regards,
Received on Sat Jun 26 2021 - 19:38:54 UTC

Original text of this message