Is there an upper limit to PF's tables?
Kristof Provost
kristof at sigsegv.be
Mon Jun 18 10:08:37 UTC 2018
On 18 Jun 2018, at 0:19, Chris H wrote:
> Sorry. Looks like I might be coming to the party a little late. But
> I'm
> currently running a 9.3 box that runs as a IP (service) filter for
> much
> of a network. While I've patched the box well enough to keep it safe
> to
> continue running. I am reluctant to up(grade|date) it to 11, or
> CURRENT,
> based on some of the information related to topics like this thread.
> Currently, the 9.3 box maintains some 18 million entries *just* within
> the SPAM related table. The other tables contain no less that 1
> million.
> As it stands I have *no* trouble loading pf(4) with all of the tables
> totaling some 20+ million entries, *even* when the BOX is working with
> as little 4Gb ram.
> Has something in pf(4) changed, since 9.3 that would now prevent me
> from continuing to use my current setup, and tables?
>
No. There are no new limits in 11, and the only thing that *might* be an
issue is validation improvements in 12. Still, anything that worked on 9
is expected to work on 12 (if not, report a bug).
Please don’t keep running unsupported versions.
Regards,
Kristof
More information about the freebsd-pf
mailing list