>The patch provided at https://reviews.freebsd.org/D3503 should help your case. >During a full ruleset reload, taking into account so many rules, you will >impact normal packet processing. >Hence you have the feeling of the box being frozen or not forwarding traffic.
>That patch reduces the overhead of reloading a ruleset. >Though even more lock breakdown is necessary on pf(4) but that is another >topic. Sounds great. I'll try that. Andrej _______________________________________________ [email protected] mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-pf To unsubscribe, send any mail to "[email protected]"
