Date:      Tue, 26 Sep 2017 12:05:26 +0000
From:      bugzilla-noreply@freebsd.org
To:        freebsd-pf@FreeBSD.org
Subject:   [Bug 222126] pf is not clearing expired states
Message-ID:  <bug-222126-17777-hnpPucZxhU@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-222126-17777@https.bugs.freebsd.org/bugzilla/>
References:  <bug-222126-17777@https.bugs.freebsd.org/bugzilla/>

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=222126

--- Comment #22 from hlh@restart.be ---
The problem cropped up:

[root@norquay ~]# pfctl -si
Status: Enabled for 1 days 08:09:42           Debug: Urgent

Interface Stats for ng0               IPv4             IPv6
  Bytes In                      3355637698                0
  Bytes Out                      236586554                0
  Packets In
    Passed                         2587532                0
    Blocked                           3290                0
  Packets Out
    Passed                         2395320                0
    Blocked                            109                0

State Table                          Total             Rate
  current entries                       31
  searches                        10992548           94.9/s
  inserts                            77585            0.7/s
  removals                           77052            0.7/s
Counters
  match                              86805            0.7/s
  bad-offset                             0            0.0/s
  fragment                               0            0.0/s
  short                                  0            0.0/s
  normalize                              0            0.0/s
  memory                                 0            0.0/s
  bad-timestamp                          0            0.0/s
  congestion                             0            0.0/s
  ip-option                              0            0.0/s
  proto-cksum                            0            0.0/s
  state-mismatch                         9            0.0/s
  state-insert                           2            0.0/s
  state-limit                            0            0.0/s
  src-limit                              8            0.0/s
  synproxy                             105            0.0/s
  map-failed                             0            0.0/s

[root@norquay ~]# pfctl -ss|wc -l
     533

[root@norquay ~]# procstat -kk 7
  PID    TID COMM                TDNAME              KSTACK
    7 100084 pf purge            -                   mi_switch+0x118 sleepq_timedwait+0x40 _sleep+0x268 pf_purge_thread+0xec fork_exit+0x94

[root@norquay dtrace]# ./pf.dtrace
dtrace: script './pf.dtrace' matched 4 probes
dtrace: buffer size lowered to 2m

after:

[root@norquay ~]# echo "set timeout interval 5" | pfctl -mf -

CPU     ID                    FUNCTION:NAME
  1   2257    pf_purge_expired_states:entry=20
  1   2258   pf_purge_expired_states:return=20
  1   2258   pf_purge_expired_states:return=20
  1   2258   pf_purge_expired_states:return=20
  1   2257    pf_purge_expired_states:entry=20
  1   2258   pf_purge_expired_states:return=20
  1   2258   pf_purge_expired_states:return=20
  1   2257    pf_purge_expired_states:entry=20
  1   2258   pf_purge_expired_states:return=20
  1   2258   pf_purge_expired_states:return=20
  1   2257    pf_purge_expired_states:entry=20
  1   2258   pf_purge_expired_states:return=20
  1   2258   pf_purge_expired_states:return=20
  1   2257    pf_purge_expired_states:entry=20
  1   2258   pf_purge_expired_states:return=20
  1   2258   pf_purge_expired_states:return=20
  1   2257    pf_purge_expired_states:entry=20
  1   2258   pf_purge_expired_states:return=20
  1   2258   pf_purge_expired_states:return=20
  1   2257    pf_purge_expired_states:entry=20
  1   2258   pf_purge_expired_states:return=20
  1   2258   pf_purge_expired_states:return=20
  1   2257    pf_purge_expired_states:entry=20
  1   2258   pf_purge_expired_states:return=20
  1   2258   pf_purge_expired_states:return=20
  1   2257    pf_purge_expired_states:entry=20
  1   2258   pf_purge_expired_states:return=20
  1   2258   pf_purge_expired_states:return=20
  1   2257    pf_purge_expired_states:entry=20
  1   2258   pf_purge_expired_states:return=20
  1   2258   pf_purge_expired_states:return=20
  1   2257    pf_purge_expired_states:entry=20
  1   2258   pf_purge_expired_states:return=20
  1   2258   pf_purge_expired_states:return=20
  1   2257    pf_purge_expired_states:entry=20
  1   2258   pf_purge_expired_states:return=20
  1   2258   pf_purge_expired_states:return=20
  1   2257    pf_purge_expired_states:entry=20
  1   2258   pf_purge_expired_states:return=20
  1   2258   pf_purge_expired_states:return=20
  3   2257    pf_purge_expired_states:entry=20
  3   2258   pf_purge_expired_states:return=20
  3   2258   pf_purge_expired_states:return=20
  3   2257    pf_purge_expired_states:entry=20
  3   2258   pf_purge_expired_states:return=20
  3   2258   pf_purge_expired_states:return=20
  3   2257    pf_purge_expired_states:entry=20
  3   2258   pf_purge_expired_states:return=20
  3   2258   pf_purge_expired_states:return=20
  3   2257    pf_purge_expired_states:entry=20
  3   2258   pf_purge_expired_states:return=20
  3   2258   pf_purge_expired_states:return=20
  3   2257    pf_purge_expired_states:entry=20
  3   2258   pf_purge_expired_states:return=20
  3   2258   pf_purge_expired_states:return=20
  3   2258   pf_purge_expired_states:return=20
  3   2257    pf_purge_expired_states:entry=20
  3   2258   pf_purge_expired_states:return=20
  3   2258   pf_purge_expired_states:return=20
  1   2257    pf_purge_expired_states:entry=20
  1   2258   pf_purge_expired_states:return=20
  1   2258   pf_purge_expired_states:return=20
  1   2257    pf_purge_expired_states:entry=20
....
[root@norquay ~]# echo "set timeout interval 10" | pfctl -mf -

And then no new states are created!

[root@norquay ~]# nohup service pf restart

resumes the normal work of pf.
