Hi Ville,
What I read on the Internet so far about states [1]: The memory counter
shows how often pf tries to insert a state but failed. The reason could be
a hard limit of state entries.
I watched at the memory counter this afternoon and it doesn't increased,
still at 8764.
pfctl -s memory
states hard limit 10000
src-nodes hard limit 10000
frags hard limit 5000
tables hard limit 1000
table-entries hard limit 200000
systat
Sorry for pastebin link [2], but the formatting is broken inside a mail
Best Regards,
Patrick
[1] http://www.packetmischief.ca/2011/02/17/hitting-the-pf-state-table-limit/
[2] http://pastebin.com/CnfEZDE9
On Fri, 3 Oct 2014, Ville Valkonen wrote:
On 3 October 2014 11:11, Ville Valkonen <weezeld...@gmail.com> wrote:
On 2 October 2014 23:36, <jum...@yahoo.de> wrote:
$ sysctl kern.netlivelocks
kern.netlivelocks=2
What does this means? I found something like a deadlock, when two processes
block each other, I'm right?
This is useful information specially under the load. I don't have the
source code available at the moment but as far as I know/remember it
tells how much interrupts network devices create (this is likely
wrong, don't take it as a fact. And please, someone correct me).
and interrupt statistics (by systat for example) would be helpful.
You mean during peak load. I will send it on Monday.
Yes, that's correct. Sorry for not mention this in the first mail.
btw. if you could yet provide this information it would be great:
$ sudo pfctl -sa |grep -A 5 LIMITS
Correction: rather use pfctl -s memory
