The number of dynamic rules is tunable. However, this shows that you have a LOT of captive portal activity. If it is normal traffic then you need to tune a sysctl. Please see http://lists.freebsd.org/pipermail/freebsd-ipfw/2004-September/001390.html for the sysctl information.
Scott On 11/15/06, Imre Ispánovits <[EMAIL PROTECTED]> wrote:
Theoretically it was just started with very low load (just set up a temporary AP on that interface), but it needs more testing because when I noticed this messages (hmm. and I couldn't logged on to CP), I disabled CP immediately and will continue testing as soon as nobody uses the AP. Thank you for the quick answer Imre On Wed, 15 Nov 2006 15:09:11 +0100 "Holger Bauer" <[EMAIL PROTECTED]> wrote: > IPFW is only used for CP, that is correct. If IPFW gets unloaded the interface won't be captured to the loginpage anymore. The firewallrules set at that interface however will remain active as these are handled by pf. When this occurs how many states does your system show at status>system? Maybe someone who authenticated fired up a statehog like bittorrent? I don't know if there is a way to bump up the limit for IPFW somehow or what limit is in place atm but I guess you are exceeding it somehow. > > Holger > > > -----Original Message----- > > From: Imre Ispánovits [mailto:[EMAIL PROTECTED] > > Sent: Wednesday, November 15, 2006 1:49 PM > > To: [email protected] > > Subject: [pfSense Support] Too many dynamic rules error > > > > Hi List, > > > > I'm using pfSense 1.0.1 on generic pc dual-wan-carp configuration. > > I've started to play with captive portal now on OPT4 interface. > > I'm receiving the following messages on the console: > > > > # ipfw: install_state: Too many dynamic rules # IP firewall unloaded > > > > # Warning: memory type IpFw/IpAcct leaked memory on destroy > > (1 allocations, > > #1024 bytes leaked). > > > > I've got the feeling that this has some relation to captive > > portal, but I'm maybe wrong. > > What these mean? How serious it is? What should I care of to > > get rid of this errors? > > > > Thanks > > Imre > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] >
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
