Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    [zone: pf states] PF states limit reached

    Scheduled Pinned Locked Moved Firewalling
    3 Posts 3 Posters 680 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • V
      Vladimir88
      last edited by

      Hello! I ask you to help me. A few days ago there was a problem, it repeats every day at about the same time. I made a screenshot of the monitoring, what to do next, there is not enough knowledge. I ask you to help me.
      pf sense.png

      1 Reply Last reply Reply Quote 0
      • F
        fwcheck
        last edited by

        The message says that your pfsense State-Limit has been reached. You can increase the limit under
        System > Advanced > Firewall & NAT
        Firewall Maximum States

        This will mitigate the problem that the limit is reached. But i suspect that this might not be enough.

        Moreover you should check what causes theses high states (e.g. misconfiguration, scan to somewhere, cron-job). As it is about the same time you should dump either state-table using
        pfctl -ss > filename
        and analyse. If that does not reveal it use tcpdump to see what is happening.

        johnpozJ 1 Reply Last reply Reply Quote 0
        • johnpozJ
          johnpoz LAYER 8 Global Moderator @fwcheck
          last edited by johnpoz

          @fwcheck said in [zone: pf states] PF states limit reached:

          Moreover you should check what causes theses high states

          Exactly - if happens around the same time everyday.. Do you have some sort of scan taking off? That seems like a high amount of destination addresses..

          Sure likes a scan of some sort to me.. You have a really low number of source IPs.. So I take it not a lot of clients?

          Where are all the states too? or from?

          An intelligent man is sometimes forced to be drunk to spend time with his fools
          If you get confused: Listen to the Music Play
          Please don't Chat/PM me for help, unless mod related
          SG-4860 24.11 | Lab VMs 2.8, 24.11

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.