PF state key linking mismatch in FreeBSD 9.0-RELEASE

Bjoern A. Zeeb bzeeb-lists at
Thu Jan 12 22:23:13 UTC 2012

On 12. Jan 2012, at 21:07 , Matt Lager wrote:

> I've had a bug report in on this for a while but hasn't received a response yet, also posted to the FreeBSD forums and haven't received a response either, see these links:
> I don't believe it to be a configuration issue, and this is really preventing me from using FreeBSD 9.0 as VPN endpoints. If anyone has any information on this, I would greatly appreciate it.

yeah it's the re-use of an mbuf that previously passed through pf.  The logging is noise basically though can be painful with a slow (serial) console.  I have a sysctl locally to disable the logging, OpenBSD has removed the printf by now.  I agree that we need to fix these places where it still originates and even if it's for documentation purposes to eventually decide if re-using the mbuf there is really cheaper  to allocating a new one as other people lately found transporting other properties along with the mbuf and re-using that can lead to odd results.


Bjoern A. Zeeb                                 You have to have visions!
   It does not matter how good you are. It matters what good you do!

More information about the freebsd-pf mailing list