FreeBSD-EN-21:09.pf : net.pf.request_maxcount not settable from loader.conf
Versions Affected : All versions prior to TrueNAS 12.0-U3
Description
The net.pf.request_maxcount sysctl provides an upper bound on the amount of memory used by pf(4) to store various types of state.
Prior to FreeBSD 12.2 this sysctl was read-only and could only be adjusted via loader.conf(5). In FreeBSD 12.2 the sysctl was made writable, but it could no longer be set from loader.conf(5). pf(4) may fail to load filtering rules if they cause the default request_maxcount bound to be exceeded, so users who relied on loader.conf to increase the request_maxcount value could see their rules fail to load.
Workaround
The value of request_maxcount may be set via sysctl.conf(5).
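An added example, not part of the advisory or of TrueNAS: a POSIX shell check that reports when net.pf.request_maxcount is set only in loader.conf and prints the equivalent sysctl.conf line. The function names and the default paths /boot/loader.conf and /etc/sysctl.conf are assumptions.

```shell
#!/bin/sh
# Added example (not from the advisory): find a net.pf.request_maxcount value
# that is set only in loader.conf, where affected versions ignore it.
KEY='net.pf.request_maxcount'

# Print the last uncommented value assigned to KEY in file $1 (nothing if unset).
get_tunable() {
    [ -r "$1" ] || return 0
    awk -v key="$KEY" '
        {
            line = $0
            sub(/#.*/, "", line)              # drop comments
            n = index(line, "=")
            if (n == 0) next
            name = substr(line, 1, n - 1)
            val = substr(line, n + 1)
            gsub(/[ \t"]/, "", name)          # loader.conf values are usually quoted
            gsub(/[ \t"]/, "", val)
            if (name == key) last = val
        }
        END { if (last != "") print last }
    ' "$1"
}

# Usage: check_pf_maxcount LOADER_CONF SYSCTL_CONF
# Prints "ok <value>", "affected <value>" or "not-set".
check_pf_maxcount() {
    loader_val=$(get_tunable "$1")
    sysctl_val=$(get_tunable "$2")
    if [ -n "$sysctl_val" ]; then
        echo "ok $sysctl_val"                 # applied via sysctl.conf
    elif [ -n "$loader_val" ]; then
        echo "affected $loader_val"           # loader.conf only: not applied
    else
        echo "not-set"                        # default bound in effect
    fi
}

# Paths are assumed defaults; pass others as arguments.
result=$(check_pf_maxcount "${1:-/boot/loader.conf}" "${2:-/etc/sysctl.conf}")
echo "$result"
case $result in
    affected\ *) echo "add to sysctl.conf: ${KEY}=${result#affected }" ;;
esac
```

Running `sysctl net.pf.request_maxcount` shows the value currently in effect.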
Mitigation
- Upgrade to TrueNAS 12.0-U3 or later.
Commit
- FreeBSD Revision : r369554
- TrueNAS Commit : f2858df
- TrueNAS Commit : ab8a956
- TrueNAS Commit : 1f8a656
- JIRA Ticket : NAS-109604