PF state key linking mismatch in FreeBSD 9.0-RELEASE
Bjoern A. Zeeb
bzeeb-lists at lists.zabbadoz.net
Thu Jan 12 22:23:13 UTC 2012
On 12. Jan 2012, at 21:07 , Matt Lager wrote:
> I've had a bug report in on this for a while but hasn't received a response yet, also posted to the FreeBSD forums and haven't received a response either, see these links:
>
> http://www.freebsd.org/cgi/query-pr.cgi?pr=kern/163208
> http://forums.freebsd.org/showthread.php?t=28278
>
> I don't believe it to be a configuration issue, and this is really preventing me from using FreeBSD 9.0 as VPN endpoints. If anyone has any information on this, I would greatly appreciate it.
yeah it's the re-use of an mbuf that previously passed through pf. The logging is noise basically though can be painful with a slow (serial) console. I have a sysctl locally to disable the logging, OpenBSD has removed the printf by now. I agree that we need to fix these places where it still originates and even if it's for documentation purposes to eventually decide if re-using the mbuf there is really cheaper to allocating a new one as other people lately found transporting other properties along with the mbuf and re-using that can lead to odd results.
/bz
--
Bjoern A. Zeeb You have to have visions!
It does not matter how good you are. It matters what good you do!
More information about the freebsd-pf
mailing list