hi misc! I've recently switched my alix box from 4.7 to 4.9. This box is
mainly used as a home firewall with PF superpower :) What I'm finding is
that the State Table has _all_the_time a constant rate of ~ 120-150/s
searches and I'm pretty sure this is something new (since the upgrade?).
Here's the current output (with almost zero network traffic):
$ sudo pfctl -si
Status: Enabled for 11 days 22:56:04 Debug: err
Interface Stats for vr0 IPv4 IPv6
Bytes In 20760381044 0
Bytes Out 9005983011 64
Packets In
Passed 30510355 0
Blocked 360946 0
Packets Out
Passed 32885415 1
Blocked 38278 0
State Table Total Rate
current entries 4
searches 128554866 124.5/s
inserts 3152644 3.1/s
removals 3152640 3.1/s
Counters
match 3880187 3.8/s
bad-offset 0 0.0/s
fragment 43 0.0/s
short 220264 0.2/s
normalize 22 0.0/s
memory 0 0.0/s
bad-timestamp 8795 0.0/s
congestion 0 0.0/s
ip-option 0 0.0/s
proto-cksum 0 0.0/s
state-mismatch 5631 0.0/s
state-insert 0 0.0/s
state-limit 11475 0.0/s
src-limit 0 0.0/s
synproxy 101089 0.1/s
$ uname -a
OpenBSD pfire.localdomain 4.9 GENERIC#671 i386
$ w
11:55AM up 11 days, 23:02, 2 users, load averages: 0.16, 0.12, 0.09
Any idea why there are so many searches been performed constantly? what
does this means ?
TIA
LU
