Date: Wed, 9 Jul 2025 15:40:29 GMT From: Kristof Provost <kp@FreeBSD.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org Subject: git: 4f822ad2854e - main - pfsync: count failed state insertions Message-ID: <202507091540.569FeTYq008551@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch main has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=4f822ad2854e4434407456757d9c0ba671f120b0 commit 4f822ad2854e4434407456757d9c0ba671f120b0 Author: Kristof Provost <kp@FreeBSD.org> AuthorDate: 2025-07-08 15:18:03 +0000 Commit: Kristof Provost <kp@FreeBSD.org> CommitDate: 2025-07-09 15:38:08 +0000 pfsync: count failed state insertions If we fail to import a state, for whatever reason, count this as a bad action. We should not drop states without at least incrementing an error count. Sponsored by: Rubicon Communications, LLC ("Netgate") --- sys/netpfil/pf/if_pfsync.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/sys/netpfil/pf/if_pfsync.c b/sys/netpfil/pf/if_pfsync.c index f21bdf15093c..2391edaf1a5a 100644 --- a/sys/netpfil/pf/if_pfsync.c +++ b/sys/netpfil/pf/if_pfsync.c @@ -1114,9 +1114,8 @@ pfsync_in_ins(struct mbuf *m, int offset, int count, int flags, int action) continue; } - if (pfsync_state_import(sp, flags, msg_version) == ENOMEM) - /* Drop out, but process the rest of the actions. */ - break; + if (pfsync_state_import(sp, flags, msg_version) != 0) + V_pfsyncstats.pfsyncs_badact++; } return (total_len);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202507091540.569FeTYq008551>