tech-net archive
NPF ruleset limit in -7?
I seem to recall a limit on loading rulesets with NPF at some time in the
past. I ask because of:
# egrep "^[[:space:]]*(pass|block)" /etc/npf.conf | wc -l
127
# npfctl reload
npfctl: npfctl_config_send: Invalid argument
# npfctl validate > /dev/null
# echo $?
0
# ls -l /etc/npf.conf
-rw-r--r-- 1 root wheel 17684 Oct 15 16:40 /etc/npf.conf
Doing some trimming:
# egrep "^[[:space:]]*(pass|block)" /etc/npf.conf | wc -l
101
# npfctl reload
#
Adding 1 extra innocuous line like "pass in from 10.0.0.0/16 to any port 5298":
# egrep "^[[:space:]]*(pass|block)" /etc/npf.conf | wc -l
102
# npfctl reload
npfctl: npfctl_config_send: Invalid argument
This is on:
NetBSD netmanager 7.1_STABLE NetBSD 7.1_STABLE (NETMANRAID) #37: Thu Feb 1 09:02:09 GMT 2018
--
Stephen