
Re: Max table size... The 'pfctl Cannot allocate memory' issue



On Mon, Oct 11, 2004 at 07:01:45PM +0200, Csillag Tamas wrote:
> The problem is if I want to load NJABL RBL list to <spamd> I get
> pfctl Cannot allocate memory.

That list is well over 2'000'000 entries large, if I understand their
web page correctly.

On i386, each table entry is 156 bytes. That means the entire table
would need over 297MB of kernel memory. Even with the changes that went
in, that's too much. On macppc, I can load 1'000'000 entries of 160
bytes each, costing 152MB of kernel memory.

You could start shaving off some fat from struct pfr_kentry:

struct pfr_kentry {
	...
	u_int64_t        pfrts_packets[PFR_DIR_MAX][PFR_OP_TABLE_MAX];
	u_int64_t        pfrts_bytes[PFR_DIR_MAX][PFR_OP_TABLE_MAX];
	...
};

That's 2*2*3*8 == 96 bytes just for the packet/bytes counters (shown by
pfctl -t -vvTs). If you don't care for those, remove the counters (and
adjust pfctl so it doesn't rely on them being present). Maybe make it
#ifdef PF_LEAN_TABLES or such :)

Daniel
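
Added example, not part of the original message and not pf source code: a small C program that reproduces the sizing above and shows what dropping the counters would buy. PFR_DIR_MAX = 2 and PFR_OP_TABLE_MAX = 3 are assumed from the 2*2*3*8 arithmetic; struct entry_counters, counter_bytes, table_mb and max_entries are hypothetical names, and the entry sizes 156 and 160 are the ones quoted in the message.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed values, inferred from the 2*2*3*8 arithmetic in the message. */
#define PFR_DIR_MAX      2
#define PFR_OP_TABLE_MAX 3

/* Only the counter part of a table entry; the remaining fields are
 * elided ("...") in the message and are not modelled here. */
struct entry_counters {
	uint64_t packets[PFR_DIR_MAX][PFR_OP_TABLE_MAX];
	uint64_t bytes[PFR_DIR_MAX][PFR_OP_TABLE_MAX];
};

/* Bytes per entry spent on the packet/byte counters. */
size_t counter_bytes(void)
{
	return sizeof(struct entry_counters);
}

/* Whole megabytes (2^20 bytes) needed for `entries` entries. */
uint64_t table_mb(uint64_t entries, size_t entry_size)
{
	return (entries * (uint64_t)entry_size) >> 20;
}

/* How many entries fit into a kernel memory budget given in MB. */
uint64_t max_entries(uint64_t budget_mb, size_t entry_size)
{
	return (budget_mb << 20) / entry_size;
}

int main(void)
{
	const size_t sizes[] = { 156, 160 };	/* i386, macppc (from the message) */
	const uint64_t entries = 2000000;	/* approximate list size (from the message) */

	for (size_t i = 0; i < sizeof(sizes) / sizeof(sizes[0]); i++) {
		size_t full = sizes[i];
		size_t lean = full - counter_bytes();	/* entry without counters */
		printf("entry %zu B: %llu MB full, %llu MB lean; 152 MB holds %llu lean entries\n",
		    full, (unsigned long long)table_mb(entries, full),
		    (unsigned long long)table_mb(entries, lean),
		    (unsigned long long)max_entries(152, lean));
	}
	return 0;
}
```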