Bug 257270 - 32 character limit in pf/firewall "PF_TABLE_NAME_SIZE". Can it be increased?
Summary: 32 character limit in pf/firewall "PF_TABLE_NAME_SIZE". Can it be increased?
Status: Closed Not Accepted
Alias: None
Product: Base System
Classification: Unclassified
Component: misc (show other bugs)
Version: CURRENT
Hardware: Any Any
: --- Affects Some People
Assignee: freebsd-pf (Nobody)
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2021-07-19 08:57 UTC by Valentino
Modified: 2021-07-19 18:13 UTC (History)
1 user (show)

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Valentino 2021-07-19 08:57:14 UTC
Hello everyone!

I'm coming from OPNsense and already asked my question there:
https://forum.opnsense.org/index.php?topic=23972.0

Franco (Lead-dev OPNsense) directed me to you, as it seems to be a limit in the pf-code.
https://github.com/opnsense/src/blob/17a61782d3b8d86464d5bdc38483ee8a0ac6a4f9/sys/netpfil/pf/pf.h#L185

Is there any reason why aliases are limited to 32 characters in total? Could it be increased or will it break code/performance?

We have a use-case which would require more than 32 chars in the alias name, probably double (64) for good measure.

Thank you in advance and thank you for your continuos work on FreeBSD!
Comment 1 Kristof Provost freebsd_committer 2021-07-19 18:13:53 UTC
That'd change the ABI, breaking all old userspace binaries.
We're not doing that.

Long term this may perhaps become possible, if all calls get converted over to using nvlists. Some have already been done, but there's no expectation that they'll all get done anytime soon (or at all), so do not expect this change.