On Tuesday 16 December 2003 10:40, Andriy Korud wrote: > Цитую Attila Nagy <[EMAIL PROTECTED]>: > > Andriy Korud wrote: > > > The problem is that when traffic grows to 10Mbit and number of active > > > NAT sessions reach 70000, CPU usage exponentialy grows and system > > > spends all > > > > CPU > > > > > time in interrupts handling. > > > The system become completely unreponsible and unsable and only hard > > > reset > > > > is the > > > > > solution. > > > > Did you try OpenBSD's pf? > > Is it ported to 4.9-STABLE? > How can I configure and try it? > > Andriy
It's in the KAME snapkits, AFAIK. A port for DragonFlyBSD is on my site: (1) http://pf4freebsd.love2party.net/pfil.diff.gz (2) http://pf4freebsd.love2party.net/pf_df_test.tar.gz Apply (1) to the tree, build GENERIC kernel with at least: options PFIL_HOOKS options bpf otptions RANDOM_IP_ID #this is a great default, btw install includes (or copy sys/net/pfil.h to /usr/net/pfil.h). Extract (2) and issue: make && make install now you should be able to: kldload pfsync kldload pflog kldload pf mknod pf c 73 0 root:wheel and have fun with pfctl and friends. This _might_ run on 4.x as well, but I think you'll have to work around a few minors to get it working in 4.9. -- Best regards, | [EMAIL PROTECTED] Max Laier | ICQ #67774661 http://pf4freebsd.love2party.net/ | [EMAIL PROTECTED] #DragonFlyBSD _______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "[EMAIL PROTECTED]"
