cvs commit: src/sys/contrib/pf/net pf.c pfvar.h
Andrew Thompson
thompsa at freebsd.org
Sun Dec 18 01:08:29 PST 2005
On Wed, Jul 20, 2005 at 06:58:27PM +0000, Max Laier wrote:
> mlaier 2005-07-20 18:58:27 UTC
>
> FreeBSD src repository
>
> Modified files:
> sys/contrib/pf/net pf.c pfvar.h
> Log:
> Prevent a race condition. As pf_send_tcp() - called for expired synproxy
> states - has to drop the lock when calling back to ip_output(), the state
> purge timeout might run and gc the state. This results in a rb-tree
> inconsistency. With this change we flag expiring states while holding the
> lock and back off if the flag is already set.
This commit seems to have broken net/pfflowd in ports. It still recieves
packets from pfsync0 but nothing with action == PFSYNC_ACT_DEL.
I am at a loss as to why.
> Reported by: glebius
> MFC after: 2 weeks
>
> Revision Changes Path
> 1.35 +5 -0 src/sys/contrib/pf/net/pf.c
> 1.12 +3 -0 src/sys/contrib/pf/net/pfvar.h
More information about the freebsd-pf
mailing list