diff options
author | Scott Ullrich <sullrich@pfsense.homeunix.net> | 2009-07-11 17:56:09 -0400 |
---|---|---|
committer | Scott Ullrich <sullrich@pfsense.homeunix.net> | 2009-07-11 17:56:45 -0400 |
commit | 8ba218f29d88ae45ad0fc779480659415e35d3b1 (patch) | |
tree | 3e136b191a9cd133955186704ba26ef7897e2872 /etc | |
parent | a2d02d8d233ce31d8e1ef5eafc95cc47c11b4ade (diff) | |
download | pfsense-8ba218f29d88ae45ad0fc779480659415e35d3b1.zip pfsense-8ba218f29d88ae45ad0fc779480659415e35d3b1.tar.gz |
For now set the number of flows to the same as allowable states.
Diffstat (limited to 'etc')
-rw-r--r-- | etc/inc/filter.inc | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc index c16a653..2b98398 100644 --- a/etc/inc/filter.inc +++ b/etc/inc/filter.inc @@ -189,10 +189,13 @@ function filter_configure_sync() { if ($config['system']['maximumstates'] <> "" && is_numeric($config['system']['maximumstates'])) { /* User defined maximum states in Advanced menu. */ $rules .= "set limit states {$config['system']['maximumstates']}\n"; + mwexec("/usr/sbin/sysctl net.inet.ip.output_flowtable_size={$config['system']['maximumstates']}"); } else { $max_states = pfsense_default_state_size(); $rules .= "set limit states {$max_states}\n"; + mwexec("/usr/sbin/sysctl net.inet.ip.output_flowtable_size={$max_states}"); } + $rules .= "\n"; $rules .= "set skip on pfsync0\n"; $rules .= "\n"; @@ -2245,4 +2248,4 @@ EOD; return($ipfrules); } -?> +?>
\ No newline at end of file |