Date: Thu, 22 Dec 2011 19:09:55 +0000 (UTC) From: Gleb Smirnoff <glebius@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r228816 - head/sys/contrib/pf/net Message-ID: <201112221909.pBMJ9tSa030233@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: glebius Date: Thu Dec 22 19:09:55 2011 New Revision: 228816 URL: http://svn.freebsd.org/changeset/base/228816 Log: Merge from OpenBSD: revision 1.122 date: 2009/05/13 01:01:34; author: dlg; state: Exp; lines: +6 -4 only keep track of the number of updates on tcp connections. state sync on all the other protocols is simply pushing the timeouts along which has a resolution of 1 second, so it isnt going to be hurt by pfsync taking up to a second to send it over. keep track of updates on tcp still though, their windows need constant attention. Modified: head/sys/contrib/pf/net/if_pfsync.c Modified: head/sys/contrib/pf/net/if_pfsync.c ============================================================================== --- head/sys/contrib/pf/net/if_pfsync.c Thu Dec 22 19:05:58 2011 (r228815) +++ head/sys/contrib/pf/net/if_pfsync.c Thu Dec 22 19:09:55 2011 (r228816) @@ -46,6 +46,7 @@ * Revisions picked from OpenBSD after revision 1.110 import: * 1.118, 1.124, 1.148, 1.149, 1.151, 1.171 - fixes to bulk updates * 1.120, 1.175 - use monotonic time_uptime + * 1.122 - reduce number of updates for non-TCP sessions */ #ifdef __FreeBSD__ @@ -2605,9 +2606,11 @@ pfsync_update_state(struct pf_state *st) case PFSYNC_S_INS: /* we're already handling it */ - st->sync_updates++; - if (st->sync_updates >= sc->sc_maxupdates) - sync = 1; + if (st->key[PF_SK_WIRE]->proto == IPPROTO_TCP) { + st->sync_updates++; + if (st->sync_updates >= sc->sc_maxupdates) + sync = 1; + } break; case PFSYNC_S_IACK:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201112221909.pBMJ9tSa030233>