On 9.8.2022. 21:32, Hrvoje Popovski wrote: > On 9.8.2022. 19:56, Alexandr Nedvedicky wrote: >> this is a NULL pointer dereference panic. I think we've seen it few >> months >> back. patch below was applied to one of your test machines if I remember >> correct. can you give it a try again to see if it will help? >> >> the change adds a mutex to pf_state structure to protect references >> to keys attached to state. >> >> we also have to take into account a fact that pf_state_export() may be >> presented with state which keys got detached. Hence we have to >> skip such state when doing export. Therefore pf_state_export() >> indicates a failure to hint caller whether data were written (success) >> and we should move to next free slot in output buffer. Or nothing >> got written (failure) and current slot in output buffer is still free. > > Hi, > > this diff is applied to firewall and I will monitor it. > > Thank you ... >
Hi, after 20 days with this diff firewall seems stable. Problem is that last time firewall was up for long time too, and I'm not sure what triggered that panic. I will update that firewall to latest snapshot, apply that diff and wait...
