ipfilter: Load optionlist prior to ippool invocation

As a safety precaution df381bec2d limits ippool hash table size to 1K.
This causes any legitimely large hash table to fail to load. The
htable_size_max ipf tuneable adjusts this but the adjustment is made
in the ipfilter rc script, invoked after the ippool script (because it
depends on ippool). Let's load the ipfilter_optionlist in ippool as well.
ipfilter_optionlist load will also occur in the ipfilter rc script in case
the user uses ipfilter without ippool.

Fixes:		df381bec2d
MFC after:	3 days
This commit is contained in:
Cy Schubert
2025-11-26 11:40:36 -08:00
parent 3e69618d4b
commit d5d005e9bf
+3
View File
@@ -27,6 +27,9 @@ required_modules="ipl:ipfilter"
ippool_start_precmd()
{
rc_flags="-f ${ippool_rules} ${rc_flags}"
if [ -n "${ifilter_optionlist}" ]; then
${ipfilter_program:-/sbin/ipf} -T "${ipfilter_optionlist}"
fi
}
ippool_reload()