On 02.08.2017 19:39, Steve Williams wrote:
> Hi,
>
> I apologize! I just got educated :)
>
> Without reading your original email without attention to detail, I
> assumed your overload was to a table called "Sources".
> eg... overload <Sources> flush global
>
> I was not aware of the existance of the "Sources" table. Now I am!
> lol.
>
> I did confirm that the "pfctl -F Sources" does not empty my "Sources"
> table on my stock OpenBSE 6.1.
Yeah, we spotted that on one of our 6.1 hosts too, but it's been fixed:
005: RELIABILITY FIX: May 6, 2017
Expired pf source tracking entries never got removed, leading to memory
exhaustion.
ref:
https://www.openbsd.org/errata61.html
No comments:
Post a Comment