Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 15 Nov 2006 17:14:38 -0000
From:      "Greg Hennessy" <Greg.Hennessy@nviz.net>
To:        "'Dan Langille'" <dan@langille.org>, <freebsd-pf@freebsd.org>
Subject:   RE: state table filled up?
Message-ID:  <000001c708d9$880876d0$0301a8c0@vaio>
In-Reply-To: <455AFDD3.28719.62D53A13@dan.langille.org>

next in thread | previous in thread | raw e-mail | index | archive | help
> I suspect this may have been my state table filling up.
> 

For a high traffic'd internet facing service such as Freshports, running
pfstat, symon or even the pf snmp mibs loaded into something such as Cacti
is not optional. 

They would have kept track of firewall state table utilisation over time. 

As a short term measure. 

 pfctl -si

will tell you how many entries are in the state table. 


Greg
 




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?000001c708d9$880876d0$0301a8c0>