On Mon, 18 Jun 2018 12:21:47 +0200 "Kurt Jaeger" <li...@opsec.eu> said
Hi!
> > So loading all entries in to empty table works fine, but reloading
> > didn't work.
> Sorry. Looks like I might be coming to the party a little late. But I'm
> currently running a 9.3 box that runs as a IP (service) filter for much
> of a network. While I've patched the box well enough to keep it safe to
> continue running. I am reluctant to up(grade|date) it to 11, or CURRENT,
> based on some of the information related to topics like this thread.
> Currently, the 9.3 box maintains some 18 million entries *just* within
> the SPAM related table. The other tables contain no less that 1 million.
> As it stands I have *no* trouble loading pf(4) with all of the tables
> totaling some 20+ million entries, *even* when the BOX is working with
> as little 4Gb ram.
> Has something in pf(4) changed, since 9.3 that would now prevent me
> from continuing to use my current setup, and tables?
Well, if you plan to upgrade, I'd suggest you do some tests,
like dumping those tables and loading them on a new box.
At all our installations we did use PF in 9.x times and
had no problems to move to 11.x.
Thanks for the reply, Kurt.
That's good advice, indeed. As that was pretty much my "game plan".
But recently I've seen a few entries on the list, and a few pr(1)'s
regarding the inability to start pf(1), because the tables were too large.
Whereas I hadn't heard anyone mention it in the past. So it seemed prudent
to ask. :-)
Thanks again, Kurt!
--Chris
--
p...@opsec.eu +49 171 3101372 2 years to go !
_______________________________________________
freebsd-pf@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-pf
To unsubscribe, send any mail to "freebsd-pf-unsubscr...@freebsd.org"
