Author: kp
Date: Thu Jul 12 16:35:35 2018
New Revision: 336221
URL: https://svnweb.freebsd.org/changeset/base/336221
Log:
pf: Increate default state table size
The typical system now has a lot more memory than when pf was new, and is also
expected to handle more connections. Increase the default size of the state
table.
Note that users can overrule this using 'set limit states' in pf.conf.
From OpenBSD:
The year is 2018.
Mercury, Bowie, Cash, Motorola and DEC all left us.
Just pf still has a default state table limit of 10000.
Had! Now it's a tiny little bit more, 100k.
lead guitar: me
ok chorus: phessler theo claudio benno
background school girl laughing: bob
Obtained from: OpenBSD
Modified:
head/sys/net/pfvar.h
Modified: head/sys/net/pfvar.h
==============================================================================
--- head/sys/net/pfvar.h Thu Jul 12 16:19:17 2018 (r336220)
+++ head/sys/net/pfvar.h Thu Jul 12 16:35:35 2018 (r336221)
@@ -621,9 +621,9 @@ struct pf_rule {
#define PFRULE_IFBOUND 0x00010000 /* if-bound */
#define PFRULE_STATESLOPPY 0x00020000 /* sloppy state tracking */
-#define PFSTATE_HIWAT 10000 /* default state table size */
-#define PFSTATE_ADAPT_START 6000 /* default adaptive timeout start */
-#define PFSTATE_ADAPT_END 12000 /* default adaptive timeout end */
+#define PFSTATE_HIWAT 100000 /* default state table size */
+#define PFSTATE_ADAPT_START 60000 /* default adaptive timeout start */
+#define PFSTATE_ADAPT_END 102000 /* default adaptive timeout end */
struct pf_threshold {
_______________________________________________
svn-src-head@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
