Re: pfctl -P -ss -vv -- sometimes eats cpu and becomes unkillable

Reply: Thomas Steen Rasmussen via freebsd-pf : "Re: pfctl -P -ss -vv -- sometimes eats cpu and becomes unkillable"
In reply to: Özkan KIRIK : "pfctl -P -ss -vv -- sometimes eats cpu and becomes unkillable"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: Kristof Provost <kp_at_FreeBSD.org>
Date: Mon, 28 Jun 2021 11:07:29 UTC

On 26 Jun 2021, at 21:38, Özkan KIRIK wrote:
> Hi,
>
> pfctl -P -ss -vv command cannot finish and eats %100 of single core 
> cpu
> when number of states is over 50.000.
> Even killall -9 pfctl doesn't help. process cannot be killed.
>
> I'm using FreeBSD stable/12 that pulled at 2021-06-05.
> State policy is configured as floating. I don't know if it matters
> switching to if-bound.
>
> Do you have any suggestions to overcome this problem?
>
None for now. I’m aware of the problem, it’s still related to 
nvlists. It’s being worked on right now, but I have no ETA for a fix.

— Kristof