PF-NAT

Gilberto Villani Brito linux at giboia.org
Thu Nov 30 08:14:10 PST 2006 

Maybe this:
set limit option value
    Set various limits on pf's operation.
        * frags - maximum number of entries in the memory pool used
for packet reassembly (scrub rules). Default is 5000.
        * src-nodes - maximum number of entries in the memory pool
used for tracking source IP addresses (generated by the sticky-address
and source-track options). Default is 10000.
        * states - maximum number of entries in the memory pool used
for state table entries (filter rules that specify keep state).
Default is 10000.

or this:
set timeout option value
    Set various timeouts (in seconds).
        * interval - seconds between purges of expired states and
packet fragments. The default is 10.
        * frag - seconds before an unassembled fragment is expired.
The default is 30.
        * src.track - seconds to keep a source tracking entry in
memory after the last state expires. The default is 0 (zero).

Try change this options.

Gilberto

2006/11/30, Artyom Viklenko <artem at aws-net.org.ua>:
>
> <quote who="Gilberto Villani Brito">
> > Look this options: http://www.openbsd.org/faq/pf/options.html in your
> > pf.conf.
>
> Sorry, which option exactly you mention?
>
> >
> > Gilberto
> >
> > 2006/11/30, Artyom Viklenko <artem at aws-net.org.ua>:
> >> Hi, All!
> >>
> >> PF-NAT in FreeBSD does not support multiple
> >> instances of pptp connections from internal network.
> >>
> >> If it will be improved in some time in the future?
> >> What about using libalias in pf or if it possible
> >> to use ng_nat in pf?
> >>
> >> May be I'm klueless... please, point me in right
> >> direction. :)
> >>
> >> --
> >>            Sincerely yours,
> >>                             Artyom Viklenko.
> >> -------------------------------------------------------
> >> artem at aws-net.org.ua | http://www.aws-net.org.ua/~artem
> >> FreeBSD: The Power to Serve   -  http://www.freebsd.org
> >>
> >>
> >> _______________________________________________
> >> freebsd-pf at freebsd.org mailing list
> >> http://lists.freebsd.org/mailman/listinfo/freebsd-pf
> >> To unsubscribe, send any mail to "freebsd-pf-unsubscribe at freebsd.org"
> >>
> > _______________________________________________
> > freebsd-pf at freebsd.org mailing list
> > http://lists.freebsd.org/mailman/listinfo/freebsd-pf
> > To unsubscribe, send any mail to "freebsd-pf-unsubscribe at freebsd.org"
> >
>
>
> --
>            Sincerely yours,
>                             Artyom Viklenko.
> -------------------------------------------------------
> artem at aws-net.org.ua | http://www.aws-net.org.ua/~artem
> FreeBSD: The Power to Serve   -  http://www.freebsd.org
>
>
>

More information about the freebsd-pf mailing list