Will try test it today, cheers.
Henning Brauer wrote:
* Josh <[EMAIL PROTECTED]> [2007-11-20 22:35]:
I am having large stability problems since running 4.2 as firewalls. I have
1x fxp and 2x dual box fxp cards, and after a while, the boxes freeze up,
Any suggestions/ideas?
sounds like you hit the memory leak we just found & fixed.
Index: pf.c
===================================================================
RCS file: /cvs/src/sys/net/pf.c,v
retrieving revision 1.564
diff -u -p -r1.564 pf.c
--- pf.c 18 Nov 2007 21:53:47 -0000 1.564
+++ pf.c 22 Nov 2007 01:15:47 -0000
@@ -816,6 +816,8 @@ pf_insert_state(struct pfi_kif *kif, str
TAILQ_FOREACH(sp, &cur->states, next)
if (sp->kif == kif) { /* collision! */
pf_stateins_err("tree_lan_ext", s, kif);
+ pf_detach_state(s,
+ PF_DT_SKIP_LANEXT|PF_DT_SKIP_EXTGWY);
return (-1);
}
pf_detach_state(s, PF_DT_SKIP_LANEXT|PF_DT_SKIP_EXTGWY);
@@ -958,10 +960,8 @@ pf_src_tree_remove_state(struct pf_state
u_int32_t timeout;
if (s->src_node != NULL) {
- if (s->state_key->proto == IPPROTO_TCP) {
- if (s->src.tcp_est)
- --s->src_node->conn;
- }
+ if (s->src.tcp_est)
+ --s->src_node->conn;
if (--s->src_node->states <= 0) {
timeout = s->rule.ptr->timeout[PFTM_SRC_NODE];
if (!timeout)
