Ping?
On Sat, Aug 21, 2021 at 08:21:55PM +0200, Jesper Wallin wrote:
> Hi tech@
>
> I'm trying to add log message when the pf(4) state table becomes
> exhausted/full. After reading the code, I learned that it's using
> pool_sethardlimit(9) to manage the resources.
>
> Conveniently, pool_sethardlimit(9) takes the argument warnmess, which is
> printed to the console when the limits are reached. Unfortunately, it
> seems like this isn't true and I can't find anywhere in the source where
> it actually does this.
>
> The patch below add this functionality, even if it's not really used
> right now. It's being called from the following files:
>
> /usr/src/sys/net/pf_ioctl.c
> /usr/src/sys/net/pf_norm.c
> /usr/src/sys/netinet/tcp_subr.c
> /usr/src/sys/netinet/tcp_usrreq.c
>
> And it seems like warnmess is NULL everywhere.
>
>
> Index: kern/subr_pool.c
> ===================================================================
> RCS file: /cvs/src/sys/kern/subr_pool.c,v
> retrieving revision 1.234
> diff -u -p -r1.234 subr_pool.c
> --- kern/subr_pool.c 15 Jun 2021 05:24:46 -0000 1.234
> +++ kern/subr_pool.c 21 Aug 2021 15:09:33 -0000
> @@ -624,6 +624,14 @@ good:
> fail:
> pp->pr_nfail++;
> pl_leave(pp, &pp->pr_lock);
> + if (pp->pr_hardlimit_warning != NULL &&
> + (pp->pr_hardlimit_ratecap.tv_sec == 0 ||
> + pp->pr_hardlimit_warning_last.tv_sec == 0 ||
> + getuptime() - pp->pr_hardlimit_warning_last.tv_sec >
> + pp->pr_hardlimit_ratecap.tv_sec)) {
> + printf("%s\n", pp->pr_hardlimit_warning);
> + pp->pr_hardlimit_warning_last.tv_sec = getuptime();
> + }
> return (NULL);
> }
>
>
