svn commit: r228815 - head/sys/contrib/pf/net
Gleb Smirnoff
glebius at FreeBSD.org
Thu Dec 22 19:05:59 UTC 2011
Author: glebius
Date: Thu Dec 22 19:05:58 2011
New Revision: 228815
URL: http://svn.freebsd.org/changeset/base/228815
Log:
Merge from OpenBSD:
revision 1.120
date: 2009/04/04 13:09:29; author: dlg; state: Exp; lines: +5 -5
use time_uptime instead of time_second internally. time_uptime isnt
affected by adjusting the clock.
revision 1.175
date: 2011/11/25 12:52:10; author: dlg; state: Exp; lines: +3 -3
use time_uptime to set state creation values as time_second can be
skewed at runtime by things like date(1) and ntpd. time_uptime is
monotonic and therefore more useful to compare against.
Modified:
head/sys/contrib/pf/net/if_pfsync.c
Modified: head/sys/contrib/pf/net/if_pfsync.c
==============================================================================
--- head/sys/contrib/pf/net/if_pfsync.c Thu Dec 22 18:56:27 2011 (r228814)
+++ head/sys/contrib/pf/net/if_pfsync.c Thu Dec 22 19:05:58 2011 (r228815)
@@ -45,6 +45,7 @@
/*
* Revisions picked from OpenBSD after revision 1.110 import:
* 1.118, 1.124, 1.148, 1.149, 1.151, 1.171 - fixes to bulk updates
+ * 1.120, 1.175 - use monotonic time_uptime
*/
#ifdef __FreeBSD__
@@ -664,7 +665,7 @@ pfsync_state_export(struct pfsync_state
/* copy from state */
strlcpy(sp->ifname, st->kif->pfik_name, sizeof(sp->ifname));
bcopy(&st->rt_addr, &sp->rt_addr, sizeof(sp->rt_addr));
- sp->creation = htonl(time_second - st->creation);
+ sp->creation = htonl(time_uptime - st->creation);
sp->expire = pf_state_expires(st);
if (sp->expire <= time_second)
sp->expire = htonl(0);
@@ -815,7 +816,7 @@ pfsync_state_import(struct pfsync_state
/* copy to state */
bcopy(&sp->rt_addr, &st->rt_addr, sizeof(st->rt_addr));
- st->creation = time_second - ntohl(sp->creation);
+ st->creation = time_uptime - ntohl(sp->creation);
st->expire = time_second;
if (sp->expire) {
/* XXX No adaptive scaling. */
@@ -838,7 +839,7 @@ pfsync_state_import(struct pfsync_state
st->anchor.ptr = NULL;
st->rt_kif = NULL;
- st->pfsync_time = time_second;
+ st->pfsync_time = time_uptime;
st->sync_state = PFSYNC_S_NONE;
/* XXX when we have nat_rule/anchors, use STATE_INC_COUNTERS */
@@ -1330,7 +1331,7 @@ pfsync_in_upd(struct pfsync_pkt *pkt, st
pf_state_peer_ntoh(&sp->dst, &st->dst);
st->expire = ntohl(sp->expire) + time_second;
st->timeout = sp->timeout;
- st->pfsync_time = time_second;
+ st->pfsync_time = time_uptime;
}
#ifdef __FreeBSD__
PF_UNLOCK();
@@ -1440,7 +1441,7 @@ pfsync_in_upd_c(struct pfsync_pkt *pkt,
pf_state_peer_ntoh(&up->dst, &st->dst);
st->expire = ntohl(up->expire) + time_second;
st->timeout = up->timeout;
- st->pfsync_time = time_second;
+ st->pfsync_time = time_uptime;
}
#ifdef __FreeBSD__
PF_UNLOCK();
@@ -2621,7 +2622,7 @@ pfsync_update_state(struct pf_state *st)
st->sync_state);
}
- if (sync || (time_second - st->pfsync_time) < 2) {
+ if (sync || (time_uptime - st->pfsync_time) < 2) {
pfsync_upds++;
#ifdef __FreeBSD__
pfsync_sendout();
More information about the svn-src-all
mailing list