Can you please test with this patch applied?
At present I can only run systems under vmware and freebsd 5.5 under vmware
doesn't exhibit the same problem as you're describing where ïpfstat -io"
runs
forever on just the first rule.
Darren
===================================================================
RCS file: /devel/CVS/IP-Filter/fil.c,v
retrieving revision 2.243.2.95
diff -u -r2.243.2.95 fil.c
--- fil.c 17 Jan 2007 11:34:54 -0000 2.243.2.95
+++ fil.c 27 Jan 2007 18:05:06 -0000
@@ -6536,6 +6536,7 @@
uid == it->ipt_uid)
break;
}
+printf("ipf_findtoken(%d,%d,%p) = %p\n", type, uid, ptr, it);
if (it == NULL) {
it = new;
@@ -6561,7 +6562,7 @@
ipftokentail = &it->ipt_next;
it->ipt_next = NULL;
- it->ipt_die = fr_ticks + 2;
+ it->ipt_die = fr_ticks + 4;
MUTEX_DOWNGRADE(&ipf_tokens);
