summaryrefslogtreecommitdiffstats
path: root/etc
diff options
context:
space:
mode:
authorScott Ullrich <sullrich@pfsense.homeunix.net>2009-07-11 17:56:09 -0400
committerScott Ullrich <sullrich@pfsense.homeunix.net>2009-07-11 17:56:45 -0400
commit8ba218f29d88ae45ad0fc779480659415e35d3b1 (patch)
tree3e136b191a9cd133955186704ba26ef7897e2872 /etc
parenta2d02d8d233ce31d8e1ef5eafc95cc47c11b4ade (diff)
downloadpfsense-8ba218f29d88ae45ad0fc779480659415e35d3b1.zip
pfsense-8ba218f29d88ae45ad0fc779480659415e35d3b1.tar.gz
For now set the number of flows to the same as allowable states.
Diffstat (limited to 'etc')
-rw-r--r--etc/inc/filter.inc5
1 files changed, 4 insertions, 1 deletions
diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc
index c16a653..2b98398 100644
--- a/etc/inc/filter.inc
+++ b/etc/inc/filter.inc
@@ -189,10 +189,13 @@ function filter_configure_sync() {
if ($config['system']['maximumstates'] <> "" && is_numeric($config['system']['maximumstates'])) {
/* User defined maximum states in Advanced menu. */
$rules .= "set limit states {$config['system']['maximumstates']}\n";
+ mwexec("/usr/sbin/sysctl net.inet.ip.output_flowtable_size={$config['system']['maximumstates']}");
} else {
$max_states = pfsense_default_state_size();
$rules .= "set limit states {$max_states}\n";
+ mwexec("/usr/sbin/sysctl net.inet.ip.output_flowtable_size={$max_states}");
}
+
$rules .= "\n";
$rules .= "set skip on pfsync0\n";
$rules .= "\n";
@@ -2245,4 +2248,4 @@ EOD;
return($ipfrules);
}
-?>
+?> \ No newline at end of file
OpenPOWER on IntegriCloud