pf and hnX interfaces
Robert Schulze
rs at bytecamp.net
Tue Oct 13 09:17:32 UTC 2020
Hi,
Am 13.10.20 um 10:58 schrieb Eugene M. Zheganin:
>
> And the most mysterious part - when I switch the pf off, the errors
> stops to appear. This would clearly mean that pf blocks some packets,
> but then again, this way the pflog0 would show them up, right (and yes -
> it's "UP" )?
maybe you run into state limits?
Try pfctl -si and look into the value for "memory". If this is greater
than 0, you have exausted the global state limit some time. "PF states
limit reached" is also logged in the system message buffer, then.
regards,
Robert Schulze
More information about the freebsd-stable
mailing list