From owner-freebsd-pf@FreeBSD.ORG Mon Jun 10 11:06:53 2013 Return-Path: Delivered-To: freebsd-pf@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by hub.freebsd.org (Postfix) with ESMTP id 9178C6A for ; Mon, 10 Jun 2013 11:06:53 +0000 (UTC) (envelope-from owner-bugmaster@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:1900:2254:206c::16:87]) by mx1.freebsd.org (Postfix) with ESMTP id 810A01C92 for ; Mon, 10 Jun 2013 11:06:53 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.7/8.14.7) with ESMTP id r5AB6rmZ097057 for ; Mon, 10 Jun 2013 11:06:53 GMT (envelope-from owner-bugmaster@FreeBSD.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.7/8.14.7/Submit) id r5AB6rRL097055 for freebsd-pf@FreeBSD.org; Mon, 10 Jun 2013 11:06:53 GMT (envelope-from owner-bugmaster@FreeBSD.org) Date: Mon, 10 Jun 2013 11:06:53 GMT Message-Id: <201306101106.r5AB6rRL097055@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: gnats set sender to owner-bugmaster@FreeBSD.org using -f From: FreeBSD bugmaster To: freebsd-pf@FreeBSD.org Subject: Current problem reports assigned to freebsd-pf@FreeBSD.org X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 10 Jun 2013 11:06:53 -0000 Note: to view an individual PR, use: http://www.freebsd.org/cgi/query-pr.cgi?pr=(number). The following is a listing of current problems submitted by FreeBSD users. These represent problem reports covering all versions including experimental development code and obsolete releases. S Tracker Resp. Description -------------------------------------------------------------------------------- o kern/177810 pf [pf] traffic dropped by accepting rules is not counted o kern/177808 pf [pf] [patch] route-to rule forwarding traffic inspite o kern/176763 pf [pf] [patch] Removing pf Source entries locks kernel. o kern/176268 pf [pf] [patch] synproxy not working with route-to o kern/173659 pf [pf] PF fatal trap on 9.1 (taskq fatal trap on pf_test o bin/172888 pf [patch] authpf(8) feature enhancement o kern/172648 pf [pf] [ip6]: 'scrub reassemble tcp' breaks IPv6 packet o kern/171733 pf [pf] PF problem with modulate state in [regression] o kern/169630 pf [pf] [patch] pf fragment reassembly of padded (undersi o kern/168952 pf [pf] direction scrub rules don't work o kern/168190 pf [pf] panic when using pf and route-to (maybe: bad frag o kern/166336 pf [pf] kern.securelevel 3 +pf reload o kern/165315 pf [pf] States never cleared in PF with DEVICE_POLLING o kern/164402 pf [pf] pf crashes with a particular set of rules when fi o kern/164271 pf [pf] not working pf nat on FreeBSD 9.0 [regression] o kern/163208 pf [pf] PF state key linking mismatch o kern/160370 pf [pf] Incorrect pfctl check of pf.conf o kern/155736 pf [pf] [altq] borrow from parent queue does not work wit o kern/153307 pf [pf] Bug with PF firewall o kern/148290 pf [pf] "sticky-address" option of Packet Filter (PF) blo o kern/148260 pf [pf] [patch] pf rdr incompatible with dummynet o kern/147789 pf [pf] Firewall PF no longer drops connections by sendin o kern/143543 pf [pf] [panic] PF route-to causes kernel panic o bin/143504 pf [patch] outgoing states are not killed by authpf(8) o conf/142961 pf [pf] No way to adjust pidfile in pflogd o conf/142817 pf [patch] etc/rc.d/pf: silence pfctl o kern/141905 pf [pf] [panic] pf kernel panic on 7.2-RELEASE with empty o kern/140697 pf [pf] pf behaviour changes - must be documented o kern/137982 pf [pf] when pf can hit state limits, random IP failures o kern/136781 pf [pf] Packets appear to drop with pf scrub and if_bridg o kern/135948 pf [pf] [gre] pf not natting gre protocol o kern/134996 pf [pf] Anchor tables not included when pfctl(8) is run w o kern/133732 pf [pf] max-src-conn issue o conf/130381 pf [rc.d] [pf] [ip6] ipv6 not fully configured when pf st o kern/127920 pf [pf] ipv6 and synproxy don't play well together o conf/127814 pf [pf] The flush in pf_reload in /etc/rc.d/pf does not w o kern/127121 pf [pf] [patch] pf incorrect log priority o kern/127042 pf [pf] [patch] pf recursion panic if interface group is o kern/125467 pf [pf] pf keep state bug while handling sessions between s kern/124933 pf [pf] [ip6] pf does not support (drops) IPv6 fragmented o kern/122773 pf [pf] pf doesn't log uid or pid when configured to o kern/122014 pf [pf] [panic] FreeBSD 6.2 panic in pf o kern/120281 pf [pf] [request] lost returning packets to PF for a rdr o kern/120057 pf [pf] [patch] Allow proper settings of ALTQ_HFSC. The c o bin/118355 pf [pf] [patch] pfctl(8) help message options order false o kern/114567 pf [pf] [lor] pf_ioctl.c + if.c o kern/103283 pf pfsync fails to sucessfully transfer some sessions o kern/93825 pf [pf] pf reply-to doesn't work o sparc/93530 pf [pf] Incorrect checksums when using pf's route-to on s o kern/92949 pf [pf] PF + ALTQ problems with latency o bin/86635 pf [patch] pfctl(8): allow new page character (^L) in pf. o kern/82271 pf [pf] cbq scheduler cause bad latency 52 problems total. From owner-freebsd-pf@FreeBSD.ORG Mon Jun 10 13:45:07 2013 Return-Path: Delivered-To: freebsd-pf@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) by hub.freebsd.org (Postfix) with ESMTP id A4D04A61; Mon, 10 Jun 2013 13:45:07 +0000 (UTC) (envelope-from ermal.luci@gmail.com) Received: from mail-qe0-f48.google.com (mail-qe0-f48.google.com [209.85.128.48]) by mx1.freebsd.org (Postfix) with ESMTP id 5B96A192C; Mon, 10 Jun 2013 13:45:07 +0000 (UTC) Received: by mail-qe0-f48.google.com with SMTP id 2so3971540qea.7 for ; Mon, 10 Jun 2013 06:45:01 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:date:x-google-sender-auth:message-id:subject :from:to:content-type; bh=yH5TjYWnRpohRBaxsxHWsQDPtZVg717Q6dr45wuzkVM=; b=fbwKbDYq86V3tgOnrkuMAuTFhPYeAHoStRN3qCWNfC2ucik8jAXSs1ZiJ/d4dNCa0i dzXn4Nh5DToISxIOtP57uJ9M3cs+TbwfnO6lXzuFVdtQZE5+feUETQYPsRlRJsvvdwHn 8JgXfggl/LFOtGkPH7fmjyr8DTFHlDIC9PUxxzaLM+SlGIhMb39VjB1TDnF3GDx01UJP XwfPdxX+S0/CCCVkhm4xWkHIbvnBgXuPccs+IuIMF7OmSRjGU+J6Ce2vGg28vFgCns25 NQdKRJtC9KXFOuS63dyP0X5M8+/R4u8rq/NAg6ph6u375YM1M0futVWSMT4WLGnXUXyD IR5A== MIME-Version: 1.0 X-Received: by 10.49.132.69 with SMTP id os5mr10669760qeb.48.1370871901704; Mon, 10 Jun 2013 06:45:01 -0700 (PDT) Sender: ermal.luci@gmail.com Received: by 10.49.51.8 with HTTP; Mon, 10 Jun 2013 06:45:01 -0700 (PDT) Date: Mon, 10 Jun 2013 15:45:01 +0200 X-Google-Sender-Auth: 2UfEIZXahz9JuLRxz24ESJm1igg Message-ID: Subject: [PATCH] dummynet(4) patch for pf(4) From: =?ISO-8859-1?Q?Ermal_Lu=E7i?= To: freebsd-net , "freebsd-pf@freebsd.org" Content-Type: text/plain; charset=ISO-8859-1 X-Content-Filtered-By: Mailman/MimeDel 2.1.14 X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 10 Jun 2013 13:45:07 -0000 Hello, the patch at location [1] implements support for dummynet into pf(4). The patch has been tested and confirmed working without issues into pfSense. Any objections to integrating this into FreeBSD? [1] https://github.com/pfsense/pfsense-tools/blob/master/patches/RELENG_10_0/dummynet.RELENG_10.diff -- Ermal From owner-freebsd-pf@FreeBSD.ORG Mon Jun 10 13:58:21 2013 Return-Path: Delivered-To: freebsd-pf@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) by hub.freebsd.org (Postfix) with ESMTP id 12DC9F83; Mon, 10 Jun 2013 13:58:21 +0000 (UTC) (envelope-from luigi@onelab2.iet.unipi.it) Received: from onelab2.iet.unipi.it (onelab2.iet.unipi.it [131.114.59.238]) by mx1.freebsd.org (Postfix) with ESMTP id CC5C219CC; Mon, 10 Jun 2013 13:58:20 +0000 (UTC) Received: by onelab2.iet.unipi.it (Postfix, from userid 275) id 71A8C7300A; Mon, 10 Jun 2013 16:01:17 +0200 (CEST) Date: Mon, 10 Jun 2013 16:01:17 +0200 From: Luigi Rizzo To: Ermal Lu?i Subject: Re: [PATCH] dummynet(4) patch for pf(4) Message-ID: <20130610140117.GA98967@onelab2.iet.unipi.it> References: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.20 (2009-06-14) Cc: freebsd-net , "freebsd-pf@freebsd.org" X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 10 Jun 2013 13:58:21 -0000 On Mon, Jun 10, 2013 at 03:45:01PM +0200, Ermal Lu?i wrote: > Hello, > > the patch at location [1] implements support for dummynet into pf(4). > > The patch has been tested and confirmed working without issues into pfSense. > > Any objections to integrating this into FreeBSD? for the dummynet/ipfw part i have no objection -- this is only a one-line change to sys/netpfil/ipfw/ip_dn_io.c For the pf part sys/netpfil/pf/pf.c, there are two huge macros PACKET_UNDO_NAT() and PACKET_REDO_NAT() which really look ugly. It would really make sense to change them into functions (they already do some substantial work so the saving of one function call is negligible). There is also some questionable indentation see the calls to m_copyback() in PACKET_REDO_NAT() Some extra braces around if/else blocks would help immensely. cheers luigi > [1] > https://github.com/pfsense/pfsense-tools/blob/master/patches/RELENG_10_0/dummynet.RELENG_10.diff > > -- > Ermal > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" From owner-freebsd-pf@FreeBSD.ORG Tue Jun 11 12:50:37 2013 Return-Path: Delivered-To: freebsd-pf@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by hub.freebsd.org (Postfix) with ESMTP id 4ECA6D5D; Tue, 11 Jun 2013 12:50:37 +0000 (UTC) (envelope-from ermal.luci@gmail.com) Received: from mail-qe0-f53.google.com (mail-qe0-f53.google.com [209.85.128.53]) by mx1.freebsd.org (Postfix) with ESMTP id 02D9F1125; Tue, 11 Jun 2013 12:50:36 +0000 (UTC) Received: by mail-qe0-f53.google.com with SMTP id 1so4794932qee.12 for ; Tue, 11 Jun 2013 05:50:36 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:cc:content-type; bh=7iP8K+LxC/tZDkrNaIw8LVNdw1zJ/jDuZRPx28Y4Y1U=; b=gGa3nP9o8QLPTRoBFM5Brp9NQbKH0TCOybdJCG3aUHN0TLCOxJrkwWAyULORgsFcrL nnHC8po7nqRKHeZ6pE2VK1E6DQyoY3A65EHDpPBdqMb/onheXbjlOWMR7vsMbxOHAU7A TjPH4wdTWeeY/3YdBwI2V+w9MOfmxXyMBS0YHjrVu4sls/w2j68v40RqFb+2gOTfH2+4 4CDxBG40j9YHtXEkUlRPHucqEum19RqwgduA9BcM7VCj2u0BasCLy/hDyvFf2fFnJm4r 8TMDaahlTxnCVRJZZJ7mf6YPj1g4y2Mr8JMM2zJNZPUmntdhqXdXnpofBVfPRsg+Yupf S63Q== MIME-Version: 1.0 X-Received: by 10.224.87.130 with SMTP id w2mr464275qal.53.1370955036034; Tue, 11 Jun 2013 05:50:36 -0700 (PDT) Sender: ermal.luci@gmail.com Received: by 10.49.51.8 with HTTP; Tue, 11 Jun 2013 05:50:35 -0700 (PDT) In-Reply-To: <20130610140117.GA98967@onelab2.iet.unipi.it> References: <20130610140117.GA98967@onelab2.iet.unipi.it> Date: Tue, 11 Jun 2013 14:50:35 +0200 X-Google-Sender-Auth: MNUVteXUczx9xeo_cW4JWgnF_0w Message-ID: Subject: Re: [PATCH] dummynet(4) patch for pf(4) From: =?ISO-8859-1?Q?Ermal_Lu=E7i?= To: Luigi Rizzo Content-Type: text/plain; charset=ISO-8859-1 X-Content-Filtered-By: Mailman/MimeDel 2.1.14 Cc: freebsd-net , "freebsd-pf@freebsd.org" X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 11 Jun 2013 12:50:37 -0000 Hello, i made the corrections to the patch to make it more readble. Can some other eyes give a look and say if that have anything against it. Patch is at same location. On Mon, Jun 10, 2013 at 4:01 PM, Luigi Rizzo wrote: > On Mon, Jun 10, 2013 at 03:45:01PM +0200, Ermal Lu?i wrote: > > Hello, > > > > the patch at location [1] implements support for dummynet into pf(4). > > > > The patch has been tested and confirmed working without issues into > pfSense. > > > > Any objections to integrating this into FreeBSD? > > for the dummynet/ipfw part i have no objection -- this is only > a one-line change to sys/netpfil/ipfw/ip_dn_io.c > > For the pf part sys/netpfil/pf/pf.c, there are two huge macros > PACKET_UNDO_NAT() and PACKET_REDO_NAT() which really look ugly. > It would really make sense to change them into functions > (they already do some substantial work so the saving of one > function call is negligible). > > There is also some questionable indentation see the calls to > m_copyback() in PACKET_REDO_NAT() > Some extra braces around if/else blocks would help immensely. > > cheers > luigi > > > [1] > > > https://github.com/pfsense/pfsense-tools/blob/master/patches/RELENG_10_0/dummynet.RELENG_10.diff > > > > -- > > Ermal > > _______________________________________________ > > freebsd-net@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-net > > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > -- Ermal From owner-freebsd-pf@FreeBSD.ORG Wed Jun 12 18:51:56 2013 Return-Path: Delivered-To: freebsd-pf@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by hub.freebsd.org (Postfix) with ESMTP id 03D7FF2B; Wed, 12 Jun 2013 18:51:56 +0000 (UTC) (envelope-from to.my.trociny@gmail.com) Received: from mail-ea0-x235.google.com (mail-ea0-x235.google.com [IPv6:2a00:1450:4013:c01::235]) by mx1.freebsd.org (Postfix) with ESMTP id 681A11AF8; Wed, 12 Jun 2013 18:51:55 +0000 (UTC) Received: by mail-ea0-f181.google.com with SMTP id a15so4797087eae.12 for ; Wed, 12 Jun 2013 11:51:54 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=sender:date:from:to:cc:subject:message-id:references:mime-version :content-type:content-disposition:in-reply-to:user-agent; bh=nzJWzPfbZiN38NgmXEaeWAE6cSz7/u5FLWNehCuniqw=; b=LrJwP0UudCuacgVlnnA16L7nwLOMeRNGwqiDykjJljDo2OqFdtVV+yZw5CJZH6byKj i+q6huBRxeGnC4v7zzdsay73rfp764G/a/Tosq77cwox3+gD9WQCaIjuw61lIHKGeTWu BJ00f07a5qy+uCalDrck0Q+prsV4+CsuNPtdhH6BkvresqKd9hFDWjVTxCYOUSPO1YAZ irWJrofUxV55N724D2dHvETGEZBN1xfM876XmBXu0E4udQUXSBuluEDjZKd5NbdxSqxF LPHbF4Yu0hCIliV4IuURt0MrQXRuUnGKEIMy3kNjaG7M4mViwLEiuew3RCmaCZpglipy IIEA== X-Received: by 10.14.206.193 with SMTP id l41mr20842899eeo.154.1371063114472; Wed, 12 Jun 2013 11:51:54 -0700 (PDT) Received: from localhost ([178.150.115.244]) by mx.google.com with ESMTPSA id c5sm38641403eeu.8.2013.06.12.11.51.52 for (version=TLSv1.2 cipher=RC4-SHA bits=128/128); Wed, 12 Jun 2013 11:51:53 -0700 (PDT) Sender: Mikolaj Golub Date: Wed, 12 Jun 2013 21:51:51 +0300 From: Mikolaj Golub To: Nikos Vassiliadis Subject: Re: de-virtualize pf sysctls Message-ID: <20130612185150.GA6553@gmail.com> References: <51B33B8B.9050006@gmx.com> <51B344B8.9090109@gmx.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <51B344B8.9090109@gmx.com> User-Agent: Mutt/1.5.21 (2010-09-15) Cc: freebsd-pf@freebsd.org X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 12 Jun 2013 18:51:56 -0000 On Sat, Jun 08, 2013 at 04:50:32PM +0200, Nikos Vassiliadis wrote: > On 06/08/2013 04:11 PM, Nikos Vassiliadis wrote: > > Hi, > > > > Please review this patch. These two variables are RO-tunables and > > cannot be changed at runtime. As such, it is not useful to > > virtualize them. This looks correct to me. Also, it looks like V_pf_hashmask and V_pf_srchashmask can be de-virtualized then. > > Sorry for the noise, > > I missed something in the previous patch. > > > > Index: sys/netpfil/pf/pf.c > =================================================================== > --- sys/netpfil/pf/pf.c (revision 251514) > +++ sys/netpfil/pf/pf.c (working copy) > @@ -359,15 +359,13 @@ VNET_DEFINE(u_long, pf_srchashmask); > > SYSCTL_NODE(_net, OID_AUTO, pf, CTLFLAG_RW, 0, "pf(4)"); > > -VNET_DEFINE(u_long, pf_hashsize); > -#define V_pf_hashsize VNET(pf_hashsize) > -SYSCTL_VNET_UINT(_net_pf, OID_AUTO, states_hashsize, CTLFLAG_RDTUN, > - &VNET_NAME(pf_hashsize), 0, "Size of pf(4) states hashtable"); > +static u_long pf_hashsize; > +static u_long pf_srchashsize; > > -VNET_DEFINE(u_long, pf_srchashsize); > -#define V_pf_srchashsize VNET(pf_srchashsize) > -SYSCTL_VNET_UINT(_net_pf, OID_AUTO, source_nodes_hashsize, CTLFLAG_RDTUN, > - &VNET_NAME(pf_srchashsize), 0, "Size of pf(4) source nodes hashtable"); > +SYSCTL_UINT(_net_pf, OID_AUTO, states_hashsize, CTLFLAG_RDTUN, > + &pf_hashsize, 0, "Size of pf(4) states hashtable"); > +SYSCTL_UINT(_net_pf, OID_AUTO, source_nodes_hashsize, CTLFLAG_RDTUN, > + &pf_srchashsize, 0, "Size of pf(4) source nodes hashtable"); > > VNET_DEFINE(void *, pf_swi_cookie); > > @@ -698,12 +696,12 @@ pf_initialize() > struct pf_srchash *sh; > u_int i; > > - TUNABLE_ULONG_FETCH("net.pf.states_hashsize", &V_pf_hashsize); > - if (V_pf_hashsize == 0 || !powerof2(V_pf_hashsize)) > - V_pf_hashsize = PF_HASHSIZ; > - TUNABLE_ULONG_FETCH("net.pf.source_nodes_hashsize", &V_pf_srchashsize); > - if (V_pf_srchashsize == 0 || !powerof2(V_pf_srchashsize)) > - V_pf_srchashsize = PF_HASHSIZ / 4; > + TUNABLE_ULONG_FETCH("net.pf.states_hashsize", &pf_hashsize); > + if (pf_hashsize == 0 || !powerof2(pf_hashsize)) > + pf_hashsize = PF_HASHSIZ; > + TUNABLE_ULONG_FETCH("net.pf.source_nodes_hashsize", &pf_srchashsize); > + if (pf_srchashsize == 0 || !powerof2(pf_srchashsize)) > + pf_srchashsize = PF_HASHSIZ / 4; > > V_pf_hashseed = arc4random(); > > @@ -717,11 +715,11 @@ pf_initialize() > V_pf_state_key_z = uma_zcreate("pf state keys", > sizeof(struct pf_state_key), pf_state_key_ctor, NULL, NULL, NULL, > UMA_ALIGN_PTR, 0); > - V_pf_keyhash = malloc(V_pf_hashsize * sizeof(struct pf_keyhash), > + V_pf_keyhash = malloc(pf_hashsize * sizeof(struct pf_keyhash), > M_PFHASH, M_WAITOK | M_ZERO); > - V_pf_idhash = malloc(V_pf_hashsize * sizeof(struct pf_idhash), > + V_pf_idhash = malloc(pf_hashsize * sizeof(struct pf_idhash), > M_PFHASH, M_WAITOK | M_ZERO); > - V_pf_hashmask = V_pf_hashsize - 1; > + V_pf_hashmask = pf_hashsize - 1; > for (i = 0, kh = V_pf_keyhash, ih = V_pf_idhash; i <= V_pf_hashmask; > i++, kh++, ih++) { > mtx_init(&kh->lock, "pf_keyhash", NULL, MTX_DEF); > @@ -735,9 +733,9 @@ pf_initialize() > V_pf_limits[PF_LIMIT_SRC_NODES].zone = V_pf_sources_z; > uma_zone_set_max(V_pf_sources_z, PFSNODE_HIWAT); > uma_zone_set_warning(V_pf_sources_z, "PF source nodes limit reached"); > - V_pf_srchash = malloc(V_pf_srchashsize * sizeof(struct pf_srchash), > + V_pf_srchash = malloc(pf_srchashsize * sizeof(struct pf_srchash), > M_PFHASH, M_WAITOK|M_ZERO); > - V_pf_srchashmask = V_pf_srchashsize - 1; > + V_pf_srchashmask = pf_srchashsize - 1; > for (i = 0, sh = V_pf_srchash; i <= V_pf_srchashmask; i++, sh++) > mtx_init(&sh->lock, "pf_srchash", NULL, MTX_DEF); > > _______________________________________________ > freebsd-pf@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-pf > To unsubscribe, send any mail to "freebsd-pf-unsubscribe@freebsd.org" -- Mikolaj Golub