summaryrefslogtreecommitdiff
path: root/sys/net/pf.c
diff options
context:
space:
mode:
authorDaniel Hartmeier <dhartmei@cvs.openbsd.org>2002-12-31 00:00:45 +0000
committerDaniel Hartmeier <dhartmei@cvs.openbsd.org>2002-12-31 00:00:45 +0000
commitb4b233f85561f5c69a711265330e0e2a3eb98152 (patch)
treea3b7aa49ec403b19776f5816e193d7db864f5f35 /sys/net/pf.c
parentc82488c2e804cec8c1624526915a96555fb18b28 (diff)
Use a default state table limit of 10000 entries. This is safe for all
normal configurations, and sufficient for many. You can always increase it, if you need more concurrent states and have enough memory (65000 for 64MB RAM, for instance). Suggested earlier by henning@. ok mcbride@
Diffstat (limited to 'sys/net/pf.c')
-rw-r--r--sys/net/pf.c4
1 files changed, 2 insertions, 2 deletions
diff --git a/sys/net/pf.c b/sys/net/pf.c
index e0c0a874187..5f21e196d70 100644
--- a/sys/net/pf.c
+++ b/sys/net/pf.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pf.c,v 1.288 2002/12/29 20:07:34 cedric Exp $ */
+/* $OpenBSD: pf.c,v 1.289 2002/12/31 00:00:44 dhartmei Exp $ */
/*
* Copyright (c) 2001 Daniel Hartmeier
@@ -233,7 +233,7 @@ int pf_socket_lookup(uid_t *, gid_t *, int, sa_family_t,
int, struct pf_pdesc *);
struct pf_pool_limit pf_pool_limits[PF_LIMIT_MAX] =
- { { &pf_state_pl, UINT_MAX }, { &pf_frent_pl, PFFRAG_FRENT_HIWAT } };
+ { { &pf_state_pl, 10000 }, { &pf_frent_pl, PFFRAG_FRENT_HIWAT } };
#define STATE_TRANSLATE(s) \
(s)->lan.addr.addr32[0] != (s)->gwy.addr.addr32[0] || \