From d42b8f001d874dfbbc743e6f41347e15187d4756 Mon Sep 17 00:00:00 2001
From: claudio <>
Date: Sat, 26 Jan 2013 17:12:21 +0000
Subject: [PATCH] Give an example of how to increase the state limit. The 10k
 limit is too small for production servers now that pf is on by default. OK
 phessler@

---
 src/etc/pf.conf | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/src/etc/pf.conf b/src/etc/pf.conf
index 98998744..da750651 100644
--- a/src/etc/pf.conf
+++ b/src/etc/pf.conf
@@ -1,9 +1,12 @@
-#	$OpenBSD: pf.conf,v 1.50 2011/04/28 00:19:42 mikeb Exp $
+#	$OpenBSD: pf.conf,v 1.51 2013/01/26 17:12:21 claudio Exp $
 #
 # See pf.conf(5) for syntax and examples.
 # Remember to set net.inet.ip.forwarding=1 and/or net.inet6.ip6.forwarding=1
 # in /etc/sysctl.conf if packets are to be forwarded between interfaces.
 
+# increase default state limit from 10'000 states on busy systems
+#set limit states 100000
+
 set skip on lo
 
 # filter rules and anchor for ftp-proxy(8)