From e3cadfdb321604d343e2315e46b988e428811d32 Mon Sep 17 00:00:00 2001
From: "Alexander V. Chernikov" <melifaro@FreeBSD.org>
Date: Sat, 4 Oct 2014 12:46:26 +0000
Subject: [PATCH] Bump max rule size to 512 opcodes.

---
 sys/netpfil/ipfw/ip_fw_sockopt.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sys/netpfil/ipfw/ip_fw_sockopt.c b/sys/netpfil/ipfw/ip_fw_sockopt.c
index f5fbd15ed25..4e5b56a7683 100644
--- a/sys/netpfil/ipfw/ip_fw_sockopt.c
+++ b/sys/netpfil/ipfw/ip_fw_sockopt.c
@@ -940,7 +940,7 @@ ipfw_getrules(struct ip_fw_chain *chain, void *buf, size_t space)
 int
 ipfw_ctl(struct sockopt *sopt)
 {
-#define	RULE_MAXSIZE	(256*sizeof(u_int32_t))
+#define	RULE_MAXSIZE	(512*sizeof(u_int32_t))
 	int error;
 	size_t size, len, valsize;
 	struct ip_fw *buf, *rule;