15.43. How can I increase the size of the state table?

SmallWall's default firewall state table is limited to 30,000 states. This is sufficient for the vast majority of firewalls, and extra states may require more RAM than exists in some SmallWall installations.

Unfortunately, to increase the size of the state table you have to recompile the kernel. See the SmallWall Developers' Handbook.


This is rarely necessary. Unless you have a very fast and heavily loaded Internet connection, or 10+ Mb of certain types of peer to peer traffic, chances are you will never exceed 30,000 states. The number of states required by a given environment will vary dramatically. 50 Mbps of HTTP, SMTP, POP3, and IMAP traffic might only take 20,000 states, but 50 Mbps of peer to peer traffic from dozens of machines might take more than a million states.

If you find you cannot create new connections to the Internet from any machine, but existing connections all work properly, you may have exhausted your state table.