Re: pf cannot allocate memory

To: netbsd-users%NetBSD.org@localhost
Subject: Re: pf cannot allocate memory
From: "James K. Lowden" <jklowden%schemamania.org@localhost>
Date: Tue, 23 Sep 2008 22:03:57 -0400

Danny Cautaert wrote:
> On 2008-09-23, James K. Lowden <jklowden%schemamania.org@localhost> wrote:
> > How do I give pf(4) enough memory for my spamd whitelist?  
> >
> > My old whitelist was 149 lines; the new one, sigh, is 39,168 (from
> > http://www.dnswl.org/tech via rsync).  
> 
> I think adding:
> 
> set limit table-entries 50000 
> 
> in /etc/pf.conf might solve 

Thank you for the suggestion.  Seems not an option on my 3.1 system.  :-( 

But, um, it works now.  Don't ask me why.  I changed pf.conf, changed it
back, and now it's fine.  <shrug>

The documentation says "set limit" takes one of only three arguments, 
"states" | "frags" | "src-nodes".  

With that line in my pf.conf, I get:

$ pfctl -nf pf.conf
pfctl: Bad pool name.
pf.conf:14: unable to set limit table-entries 50000

But then, after removing line 14:

$ sudo make reload
modstat -n pf || modload /usr/lkm/pf.o
Type    Id   Offset Loadaddr Size Info     Rev Module Name
DEV       0  -1/161 cadf0000 0098 cae10da0   2 pf
pfctl -nf pf.conf
/etc/rc.d/pf reload
Reloading pf rules.

I guess the kernel decided to give me a break this time....

Regards, 

--jkl

References:
- pf cannot allocate memory
  - From: James K. Lowden
- Re: pf cannot allocate memory
  - From: Danny Cautaert

Prev by Date: Re: Unable to fsck 4.5TB FFSv2 fs
Next by Date: Kernel panic on amd64Netbsd 4.0
Previous by Thread: Re: pf cannot allocate memory
Next by Thread: Unable to fsck 4.5TB FFSv2 fs
Indexes:

Home | Main Index | Thread Index | Old Index