Hi all, I'm looking at the "set optimization" policies for PF, and while it's clear that there are varying levels of aggression towards expiring state entries, I can't find exact numbers of what those levels represent.
I assume they're based on a time and/or traffic metric ?? My current policy is just the default (ie. normal), but I have one particular system that wants to do an 60 second heartbeat, which I suspect is being killed by the state expiry purges. Is there somewhere that specifies the definition (or metric) on which the expiry occurs ?? (I can't find it in either the FAQ or the man pages for pf / pf.conf / pfctl) Cheers Dave
