Is there an upper limit to PF's tables?

Chris H bsd-lists at BSDforge.com
Mon Jun 18 18:37:47 UTC 2018


On Mon, 18 Jun 2018 12:08:33 +0200 "Kristof Provost" <kristof at sigsegv.be> said

> On 18 Jun 2018, at 0:19, Chris H wrote:
> > Sorry. Looks like I might be coming to the party a little late. But I'm
> > currently running a 9.3 box that runs as an IP (service) filter for much
> > of a network. While I've patched the box well enough to keep it safe to
> > continue running, I am reluctant to up(grade|date) it to 11, or CURRENT,
> > based on some of the information related to topics like this thread.
> > Currently, the 9.3 box maintains some 18 million entries *just* within
> > the SPAM related table. The other tables contain no less than 1 million.
> > As it stands I have *no* trouble loading pf(4) with all of the tables
> > totaling some 20+ million entries, *even* when the BOX is working with
> > as little as 4Gb ram.
> > Has something in pf(4) changed, since 9.3 that would now prevent me
> > from continuing to use my current setup, and tables?
> >
> No. There are no new limits in 11, and the only thing that *might* be an 
> issue is validation improvements in 12. Still, anything that worked on 9 
> is expected to work on 12 (if not, report a bug).
Thank you very much for the informative reply, Kristof!

> 
> Please don’t keep running unsupported versions.
Your reply leaves me little reason to think I need, or want to. :-)

Thanks, again!

--Chris
> 
> Regards,
> Kristof




More information about the freebsd-pf mailing list