I am convinced that there is some sort of "leak" in the state table
statistics.
My stats are:
IP states added:
415669 TCP
84356 UDP
59728 ICMP
33978265 hits
44129766 misses
0 maximum
0 no memory
608 bkts in use
3214 active
144060 expired
412479 closed
when I count them up using ipfstat -R -sl I only get about 600 or so
which makes sense. Also, running ipf -FS -Fs DOES NOT clear the 3214
number but rather sets the active back 600 or so (which is the bkts
in use number).
my question is: Does the active statistic represent the number of
statistics that I can retrieve from ipfstat -R -sl or not.
I have been through the docs the man pages and the posts. I can't
seem to find these answers. If no one knows this then it looks like I
will be going through the code to see for myself this weekend :(
Thanks,
--Wes
