On 6/20/07, Francesco Toscan <[EMAIL PROTECTED]> wrote:
> when I first load the rules everything works fine;
> when I reload the rules with pfctl -f pf.conf, pfctl segfaults or
> exits returning "Cannot allocate memory" as if table-entries limit
> were not high enough.
> If I first flush the large table and then reload the rules everything
> works fine again.
> I once read on misc@ Henning Brauer saying pfctl -f performs
> operations "atomically": should I assume pfctl creates another copy of
> <large_table> in this process? How does it work? It's really just a
> curiosity about pfctl internals.

yes, reloading the rules makes another copy then switches over. if
you have a really large table, this means having two copies of the
table during the transition.