Skip site navigation (1)Skip section navigation (2) 
Date:      Sat, 16 Aug 2025 11:16:19 +0200
From:      Kristof Provost <kp@freebsd.org>
To:        Florian Smeets <flo@smeets.xyz>
Cc:        src-committers@freebsd.org, dev-commits-src-all@freebsd.org, dev-commits-src-main@freebsd.org
Subject:   Re: git: bad279e12deb - main - pf: convert DIOCRDELADDRS to netlink
Message-ID:  <36A8F5DC-AEA6-483F-A082-417E8C89EC9F@freebsd.org>
In-Reply-To: <06c00743-d1a6-4e94-8ccb-6adaeea0e2a9@smeets.xyz>
index | next in thread | previous in thread | raw e-mail 



> On 16 Aug 2025, at 10:34, Florian Smeets <flo@smeets.xyz> wrote:
> 
> On 06.08.25 00:28, Kristof Provost wrote:
>> The branch main has been updated by kp:
>> URL: https://cgit.FreeBSD.org/src/commit/?id=bad279e12deb3e4e4528dbc6b06f56aefb165b15
>> commit bad279e12deb3e4e4528dbc6b06f56aefb165b15
>> Author:     Kristof Provost <kp@FreeBSD.org>
>> AuthorDate: 2025-08-01 14:18:52 +0000
>> Commit:     Kristof Provost <kp@FreeBSD.org>
>> CommitDate: 2025-08-05 22:27:14 +0000
>>     pf: convert DIOCRDELADDRS to netlink
>>     
> Hi Kristof,
> 
> this is causing issues with crowdsec. The pfctl process is using up all memory and gets killed by the OOM killer.
> 
> The issue appears to be trying to delete IPs that are not part of a table, which can apparently happen with crowdsec.
> 
> root@fw:~ # /sbin/pfctl -t crowdsec-blacklists -T show|tail -1
>   223.247.218.112
> root@fw:~ # /sbin/pfctl -t crowdsec-blacklists -T delete 223.247.218.112
> 1/1 addresses deleted.
> root@fw:~ # /sbin/pfctl -t crowdsec-blacklists -T show|grep 223.247.218.113
> root@fw:~ # /sbin/pfctl -t crowdsec-blacklists -T delete 223.247.218.113
> load: 0.65  cmd: pfctl 26515 [runnable] 10.19r 0.75u 4.86s 32% 802128k
> load: 0.78  cmd: pfctl 26515 [runnable] 17.67r 1.41u 8.19s 40% 1452576k
> load: 0.89  cmd: pfctl 26515 [running] 29.14r 2.44u 13.16s 46% 2506284k
> 
Yeah, I’ve had other reports. Both add and delete have issues. I know what the problem is. I just need to finish the test case before I can commit. 
Expect it early next week. 

— 
Kristof
home | help

Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?36A8F5DC-AEA6-483F-A082-417E8C89EC9F>