Is there a feature currently in pf that allows one to limit how many
states one IP or group or macro or interface can use up? For example, i
want my clients that i am natting out to be limited to 1000 states per
machine so if they get a virus they won't be able to fill up my state
tables with bogus pings or attacks on other machines on the internet.
Ryan McBride has written something like that... It'll be in 3.5 I hope! Cedric
