Bug 193300

Summary:	Improve "ipfw: add_dyn_rule: Cannot allocate rule" log message user experience
Product:	Documentation	Reporter:	me
Component:	Books & Articles	Assignee:	Alexander V. Chernikov <melifaro>
Status:	Closed FIXED
Severity:	Affects Only Me	CC:	crees, emaste, koobs, melifaro
Priority:	---	Keywords:	easy
Version:	Latest
Hardware:	Any
OS:	Any

Description me 2014-09-04 02:31:37 UTC

After about 40 days of uptime, my installation's dmesg contained such messages. There's no mention of this anywhere and Google search points me to code in repos.

Ended up rebooting the machine. I came to know of the cause from @FreeBSDHelp https://twitter.com/FreeBSDHelp/status/507303992389414913

THIS NEEDS TO BE DOCUMENTED IN check-state or somewhere appropriate.

Comment 1 Kubilay Kocak freebsd_committer

2014-09-05 05:47:33 UTC

Thank you for your report Nilesh!

This was originally introduced in r243707. [1]

Probably a good opportunity to clarify the LOG_DEBUG message, possibly with a mention of net.inet.ip.fw.dyn_max sysctl tunable or similar.

Perhaps also worth revisiting the default value for this tunable as well.

CC'ing original committer (melifaro@) who likely has an expert opinion :)

[1] https://svnweb.freebsd.org/base?view=revision&amp;revision=243707

MFC candidate.

Comment 2 commit-hook freebsd_committer

2014-10-24 13:58:02 UTC

A commit references this bug:

Author: melifaro
Date: Fri Oct 24 13:57:16 UTC 2014
New revision: 273588
URL: https://svnweb.freebsd.org/changeset/base/273588

Log:
  Bump default dynamic limit to 16k entries.
  Print better log message when limit is hit.

  PR:		193300
  Submitted by:	me at nileshgr.com

Changes:
  head/sys/netpfil/ipfw/ip_fw_dynamic.c

Comment 3 Chris Rees freebsd_committer

2018-12-24 19:21:28 UTC

Close bug and assign as fixed.