Re: "pfctl: Cannot allocate memory" issue with a large table
- In reply to: Chris : "Re: "pfctl: Cannot allocate memory" issue with a large table"
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Wed, 27 Oct 2021 10:02:11 UTC
On 21/10/26, Chris wrote: >Have you reached your STATE limit? >OTOH you might try adding the IPs from the list individually. Something like: > >iplist=" >w.x.y.z >a.b.c.d >... >g.h.i.j >" > >for block in $iplist >do > pfctl -T add -t <your-table-name-here> $block >done > >I'm managing about a half dozen tables with a combined number of a over >quarter of a billion addresses, and don't have a problem. Even on a servers >with as little as 8GB RAM. Thanks for the suggestion. As far as I can tell, this shouldn't be the case, as the server in question is a relatively quiet server with regard to traffic. It is extremely unlikely that more active states than configured are held concurrently. That being said, I have raised the limit temporarily and will be monitoring the situation. Could you please elaborate as to why you think this may be related? I would like to understand the inner workings of pf a bit better. Best, Marcel