On 4/23/2012 6:33 PM, Christian Lavoie wrote:
The patch mentioned at
http://www.freebsd.org/cgi/query-pr.cgi?pr=165252&cat=kern#reply1 is
working for me -- without the patch my FreeBSD machine crashes within
a minute or two of booting, and with it it's been up for about half a
day now, under non-trivial networking load.
I've contacted the author directly, and he asked that I mention here
that the patch is working for me, and ask that it be reviewed. Can
someone review said patch?
I'm running 9.0-RELEASE, running two jails created following the
vimage/vnet howto at
http://wiki.polymorf.fr/index.php/Howto:FreeBSD_jail_vnet#Advenced_networking_:_NAT_and_firewalling
Hi Christian,
You may want to try this better version of the patch.
Warning: it's untested, I can't test it at moment in my FreeBSD-10,
because pf panics in several places. I believe it should apply cleanly
to FreeBSD-9.0.
Nikos
Index: sys/contrib/pf/net/pf.c
===================================================================
--- sys/contrib/pf/net/pf.c (revision 234438)
+++ sys/contrib/pf/net/pf.c (working copy)
@@ -203,6 +203,8 @@
VNET_DEFINE(uma_zone_t, pf_state_key_pl);
VNET_DEFINE(uma_zone_t, pf_state_item_pl);
VNET_DEFINE(uma_zone_t, pf_altq_pl);
+
+#define V_cur VNET(cur)
#else
struct pf_state_tree pf_statetbl;
@@ -1661,7 +1663,7 @@
pf_purge_expired_states(u_int32_t maxcheck)
#endif
{
- static struct pf_state *cur = NULL;
+ static VNET_DEFINE(struct pf_state *, cur) = NULL;
struct pf_state *next;
#ifdef __FreeBSD__
int locked = waslocked;
@@ -1671,20 +1673,20 @@
while (maxcheck--) {
/* wrap to start of list when we hit the end */
- if (cur == NULL) {
+ if (V_cur == NULL) {
#ifdef __FreeBSD__
- cur = TAILQ_FIRST(&V_state_list);
+ V_cur = TAILQ_FIRST(&V_state_list);
#else
- cur = TAILQ_FIRST(&state_list);
+ V_cur = TAILQ_FIRST(&state_list);
#endif
- if (cur == NULL)
+ if (V_cur == NULL)
break; /* list empty */
}
/* get next state, as cur may get deleted */
- next = TAILQ_NEXT(cur, entry_list);
+ next = TAILQ_NEXT(V_cur, entry_list);
- if (cur->timeout == PFTM_UNLINKED) {
+ if (V_cur->timeout == PFTM_UNLINKED) {
/* free unlinked state */
if (! locked) {
#ifdef __FreeBSD__
@@ -1695,10 +1697,10 @@
#endif
locked = 1;
}
- pf_free_state(cur);
- } else if (pf_state_expires(cur) <= time_second) {
+ pf_free_state(V_cur);
+ } else if (pf_state_expires(V_cur) <= time_second) {
/* unlink and free expired state */
- pf_unlink_state(cur);
+ pf_unlink_state(V_cur);
if (! locked) {
#ifdef __FreeBSD__
if (!sx_try_upgrade(&V_pf_consistency_lock))
@@ -1708,9 +1710,9 @@
#endif
locked = 1;
}
- pf_free_state(cur);
+ pf_free_state(V_cur);
}
- cur = next;
+ V_cur = next;
}
#ifdef __FreeBSD__
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-virtualization
To unsubscribe, send any mail to
"[email protected]"
