From owner-freebsd-pf@FreeBSD.ORG Thu Jan 12 22:23:13 2012 Return-Path: Delivered-To: freebsd-pf@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 3DFB5106564A for ; Thu, 12 Jan 2012 22:23:13 +0000 (UTC) (envelope-from bzeeb-lists@lists.zabbadoz.net) Received: from mx1.sbone.de (mx1.sbone.de [IPv6:2a01:4f8:130:3ffc::401:25]) by mx1.freebsd.org (Postfix) with ESMTP id C24E08FC08 for ; Thu, 12 Jan 2012 22:23:12 +0000 (UTC) Received: from mail.sbone.de (mail.sbone.de [IPv6:fde9:577b:c1a9:31::2013:587]) (using TLSv1 with cipher ADH-CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) by mx1.sbone.de (Postfix) with ESMTPS id 97ACA25D37D1; Thu, 12 Jan 2012 22:23:11 +0000 (UTC) Received: from content-filter.sbone.de (content-filter.sbone.de [IPv6:fde9:577b:c1a9:31::2013:2742]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.sbone.de (Postfix) with ESMTPS id D1510BD90B7; Thu, 12 Jan 2012 22:23:10 +0000 (UTC) X-Virus-Scanned: amavisd-new at sbone.de Received: from mail.sbone.de ([IPv6:fde9:577b:c1a9:31::2013:587]) by content-filter.sbone.de (content-filter.sbone.de [fde9:577b:c1a9:31::2013:2742]) (amavisd-new, port 10024) with ESMTP id jsb2Ub3zuaet; Thu, 12 Jan 2012 22:23:09 +0000 (UTC) Received: from orange-en1.sbone.de (orange-en1.sbone.de [IPv6:fde9:577b:c1a9:31:cabc:c8ff:fecf:e8e3]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by mail.sbone.de (Postfix) with ESMTPSA id 949F5BD90B6; Thu, 12 Jan 2012 22:23:09 +0000 (UTC) Mime-Version: 1.0 (Apple Message framework v1084) Content-Type: text/plain; charset=us-ascii From: "Bjoern A. Zeeb" In-Reply-To: <4F0F4B94.10408@sdunix.com> Date: Thu, 12 Jan 2012 22:23:08 +0000 Content-Transfer-Encoding: quoted-printable Message-Id: <7534A9A5-D901-43E2-A7D7-3F45699B2C91@lists.zabbadoz.net> References: <4F0F4B94.10408@sdunix.com> To: Matt Lager X-Mailer: Apple Mail (2.1084) Cc: freebsd-pf@freebsd.org Subject: Re: PF state key linking mismatch in FreeBSD 9.0-RELEASE X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 12 Jan 2012 22:23:13 -0000 On 12. Jan 2012, at 21:07 , Matt Lager wrote: > I've had a bug report in on this for a while but hasn't received a = response yet, also posted to the FreeBSD forums and haven't received a = response either, see these links: >=20 > http://www.freebsd.org/cgi/query-pr.cgi?pr=3Dkern/163208 > http://forums.freebsd.org/showthread.php?t=3D28278 >=20 > I don't believe it to be a configuration issue, and this is really = preventing me from using FreeBSD 9.0 as VPN endpoints. If anyone has any = information on this, I would greatly appreciate it. yeah it's the re-use of an mbuf that previously passed through pf. The = logging is noise basically though can be painful with a slow (serial) = console. I have a sysctl locally to disable the logging, OpenBSD has = removed the printf by now. I agree that we need to fix these places = where it still originates and even if it's for documentation purposes to = eventually decide if re-using the mbuf there is really cheaper to = allocating a new one as other people lately found transporting other = properties along with the mbuf and re-using that can lead to odd = results. /bz --=20 Bjoern A. Zeeb You have to have visions! It does not matter how good you are. It matters what good you do!