diff options
author | Scott Ullrich <sullrich@pfsense.org> | 2009-07-19 18:39:41 -0400 |
---|---|---|
committer | Scott Ullrich <sullrich@pfsense.org> | 2009-07-19 18:39:41 -0400 |
commit | 10bfe265a7bb33d4121949376f767ab1e71f3c96 (patch) | |
tree | 622ef4312be352e4ce923af6734f26e5f2ccb34d /etc | |
parent | f6bed3008152041cbeb828c37e62130936e24d7b (diff) | |
download | pfsense-10bfe265a7bb33d4121949376f767ab1e71f3c96.zip pfsense-10bfe265a7bb33d4121949376f767ab1e71f3c96.tar.gz |
Revert the flowtable addition that should have never been accidently commited. Skip pfsync0 similar to how we do in master/HEAD
Diffstat (limited to 'etc')
-rw-r--r-- | etc/inc/filter.inc | 27 |
1 files changed, 13 insertions, 14 deletions
diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc index 4e17d9e..2738a27 100644 --- a/etc/inc/filter.inc +++ b/etc/inc/filter.inc @@ -104,17 +104,17 @@ function filter_configure_sync() { mwexec("/sbin/kldload ipfw"); unmute_kernel_msgs(); } - if ($config['system']['maximumstates'] <> "" && is_numeric($config['system']['maximumstates'])) { - /* Set ipfw states to user defined maximum states in Advanced menu. */ - mwexec("sysctl net.inet.ip.fw.dyn_max={$config['system']['maximumstates']}"); - } else { - /* Set to default 10,000 */ - mwexec("sysctl net.inet.ip.fw.dyn_max=10000"); - } - exec("/sbin/ipfw delete set 9"); + if ($config['system']['maximumstates'] <> "" && is_numeric($config['system']['maximumstates'])) { + /* Set ipfw states to user defined maximum states in Advanced menu. */ + mwexec("sysctl net.inet.ip.fw.dyn_max={$config['system']['maximumstates']}"); + } else { + /* Set to default 10,000 */ + mwexec("sysctl net.inet.ip.fw.dyn_max=10000"); + } + exec("/sbin/ipfw delete set 9"); exec("/sbin/ipfw delete 2"); exec("/sbin/ipfw delete 3"); - } + } } $lan_if = $config['interfaces']['lan']['if']; @@ -185,14 +185,13 @@ function filter_configure_sync() { $rules .= "set optimization normal\n"; } - if ($config['system']['maximumstates'] <> "" && is_numeric($config['system']['maximumstates'])) { + if ($config['system']['maximumstates'] <> "" && is_numeric($config['system']['maximumstates'])) { /* User defined maximum states in Advanced menu. */ $rules .= "set limit states {$config['system']['maximumstates']}\n"; - mwexec("/usr/sbin/sysctl net.inet.ip.output_flowtable_size={$config['system']['maximumstates']}"); - } else { - mwexec("/usr/sbin/sysctl net.inet.ip.output_flowtable_size=10000"); - } + } + $rules .= "\n"; + $rules .= "set skip on pfsync0\n"; update_filter_reload_status("Setting up SCRUB information"); /* get our wan interface? */ |