Todo #15014

closed

Feedback on Configuration — Advanced Configuration Options — Firewall

Added by Steve Y 5 months ago. Updated 3 months ago.

Status: Rejected
Priority: Very Low
Assignee: -
Category: Configuration
Target version: -
Start date:
Due date:
% Done: 0%
Estimated time:

Description

Page: https://docs.netgate.com/pfsense/en/latest/config/advanced-firewall-nat.html

Feedback:

re: "By default this is 400,000 entries"

Per Marcos in https://redmine.pfsense.org/issues/11566#change-71003 "We don't set a defined value by default - it's whatever the OS reports (which has its own defaults)."

#1

Updated by Marcos M 5 months ago

For reference, we did set it before when it was a loader option, but now that it's a tunable the loader default in /boot/defaults/loader.conf is ignored AFAIK. I removed that line on a VM and net.pf.request_maxcount remained at 400000 after a reboot. I'm not certain how that value is determined now.

#2

Updated by Jim Pingle 3 months ago

  • Status changed from New to Rejected

We still set the default at 400000 in the default config.xml, so the docs are still correct:

: grep maximumtable /conf.default/config.xml 
                <maximumtableentries>400000</maximumtableentries>

If someone removes that from their config, they may get the OS default, but that isn't what we set by default, which is what the docs are referring to.
