Subject: Re: IPFilter practical limits?
To: None <peter@boku.net>
From: Darren Reed <darrenr@NetBSD.org>
List: tech-kern
Date: 03/24/2006 05:42:34
Peter,

If you want to tune the table sizes used by IPFilter,
you can use the "-T" command line option for IPFilter.

If you do "ipf -T list", you'll be presented with a list
of tunables, their current, minimum and maximum values.

Some of the values can only be changed when IPFilter is
disabled (ipf -D).  If you want to make a setting permanent,
you need to make it part of /etc/rc.d/ipfilter.

"Misses" are the packets that are received or sent by the system
that do not match any state.

The important number in "ipfstat -s" output is "Maximum"; you
ideally want that to be 0, along with "max bucket".

Darren
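
Added example, not part of the message above: a shell check that reads "ipfstat -s" style text and reports whether the "maximum" or "max bucket" counters are non-zero. The sample text is constructed, and its layout (one "count label" pair per line, lowercase labels) is an assumption about the output format.

```shell
#!/bin/sh
# Constructed sample in the style of "ipfstat -s"; the layout is an assumption
# and the numbers are invented for illustration.
sample_ipfstat() {
cat <<'EOF'
IP states added:
	1203 TCP
	418 UDP
	12 ICMP
	95211 hits
	3310 misses
	17 maximum
	0 no memory
	4 max bucket
	812 active
EOF
}

# Reads "ipfstat -s" text on stdin and prints the counters the message singles out.
# Exit status: 0 = both counters zero, 1 = a limit was hit, 2 = counters not found.
check_state_table() {
    awk '
    /^[ \t]*[0-9]+[ \t]+[A-Za-z]/ {
        count = $1
        $1 = ""                    # drop the number, keep the label words
        sub(/^[ \t]+/, "")
        seen[tolower($0)] = count
    }
    END {
        if (!("maximum" in seen) || !("max bucket" in seen)) {
            print "maximum / max bucket counters not found"
            exit 2
        }
        printf "misses=%d maximum=%d max_bucket=%d\n",
               seen["misses"], seen["maximum"], seen["max bucket"]
        if (seen["maximum"] + 0 > 0 || seen["max bucket"] + 0 > 0) {
            print "state table limits were hit; review the sizes shown by: ipf -T list"
            exit 1
        }
        print "no state table limits hit"
    }'
}

# On a live system: ipfstat -s | check_state_table
sample_ipfstat | check_state_table || true
```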