[ipfw] Dynamic rules grow indefinitely..

Andrey V. Elsukov bu7cher at yandex.ru
Sat Dec 9 10:06:19 PST 2006

>It is a web server with ~130req/s, problems seem to start after
>upgrading to new hardware.
>FreeBSD 6.1-RELEASE-p10

Can you show your /var/run/dmesg.boot, and the output of `pciconf -lv` and ifconfig?

>After an hour it will grow more and more.. The day before yesterday I
>got 20 000 dynamic rules ;o) (I was forced to increase
>net.inet.ip.fw.dyn_max because I started to get errors in syslogs).

Try this:
# sysctl -w net.inet.ip.fw.dyn_keepalive=0

WBR, Andrey V. Elsukov

