Hello Tamas,
</snip>
> > if upgrading to snapshots is not an option for you. can you give
> > a try to patch below? it's dlg's commit merged to 7.2. There is
> > some divergence between current and 7.2 (*_state_import()) got
> > moved from if_pfsync.c to pf.c in current. I had to craft that
> > part of diff manually.
> >
> > thanks a lot for your help
>
> I am going to advise the team operating the firewall.
>
> I have 2 goals:
> . have the issue fixed (and get the hosts stable)
> . end up with something that is upgradable (e.g.: syspatch) in a reasonable
> way
> (and probably have the fix available for others)
>
> If applying the patch to 7.2 helps with the testing to get a syspatch out that
> would be probably the best.
please also watch vmstat
vmstat -m |egrep -e '^Name|^pfst'
on a system with diff applied. just to make sure the crafted diff for 7.2
does not introduce a memory/reference leak.
thanks and
regards
sashan
