pf and table-entries

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view

pf and table-entries

Vincent Bolinard-2

I noticed a strange behavior in pf :

I can't load a table with more than 100000 lines even if I add 'set limit
table-entries 200000' in /etc/pf.conf

Here is the error message (at boot time) :

/etc/pf.conf:35: cannot define table bad_IP: Cannot allocate memory
pfctl: Syntax error in config file: pf rules not loaded.

To be able to load the file, pf needs to be ran without the table defined (so,
the limit is set correctly), and to be ran a second time to load the table.

I'm running OpenBSD 3.8-Release.

Is there a workaround ?

Tell me if you need more details.