On Mon, Jan 29, 2007 at 04:33:45PM +0100, Thomas Althoff wrote:
> I did the "crash" procedure on 3.9 and found that this is the line
> causing the problem:
> if (!r->max_states || r->states < r->max_states)
> I have upgraded my boxes to 4.0-current, no change.
If you can reproduce it with a recent 4.0-current, and the location is
really that line above, it looks like a different problem.
Can you try the patch below?
Daniel
Index: if_pfsync.c
===================================================================
RCS file: /cvs/src/sys/net/if_pfsync.c,v
retrieving revision 1.73
diff -u -r1.73 if_pfsync.c
--- if_pfsync.c 16 Nov 2006 13:13:38 -0000 1.73
+++ if_pfsync.c 29 Jan 2007 17:51:01 -0000
@@ -243,7 +243,9 @@
* If the ruleset checksums match, it's safe to associate the state
* with the rule of that number.
*/
- if (sp->rule != htonl(-1) && sp->anchor == htonl(-1) && chksum_flag)
+ if (sp->rule != htonl(-1) && sp->anchor == htonl(-1) && chksum_flag &&
+ ntohl(sp->rule) >= 0 && ntohl(sp->rule) < pf_main_ruleset.rules[
+ PF_RULESET_FILTER].active.rcount)
r = pf_main_ruleset.rules[
PF_RULESET_FILTER].active.ptr_array[ntohl(sp->rule)];
else
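Review bot: in the added condition, the `ntohl(sp->rule) >= 0` test is a no-op if `ntohl()` returns an unsigned 32-bit value, and comparing that unsigned value with `rcount` (the `active.rcount` of the filter ruleset) invites a signed/unsigned comparison warning if `rcount` is a signed int; either drop the `>= 0` half or compare against an explicitly cast count, e.g. `ntohl(sp->rule) < (u_int32_t)pf_main_ruleset.rules[PF_RULESET_FILTER].active.rcount`. The bounds check itself is the right fix for the reported crash: without it a peer-supplied `sp->rule` indexes `ptr_array` out of range and `r` is then dereferenced on the `r->max_states` line quoted above. The comment just above the condition ("If the ruleset checksums match, it's safe to associate the state with the rule of that number") should also be updated to say that the rule number is additionally range-checked against the active rule count, since a matching checksum alone is no longer the stated reason it is safe.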