Date: Fri, 09 Sep 2011 18:08:45 +0200 From: Florian Smeets <flo@FreeBSD.org> To: =?UTF-8?B?RXJtYWwgTHXDp2k=?= <eri@FreeBSD.org>, bz@FreeBSD.org Cc: freebsd-pf@FreeBSD.org Subject: Re: svn commit: r223637 - in head: . contrib/pf/authpf contrib/pf/ftp-proxy contrib/pf/man contrib/pf/pfctl contrib/pf/pflogd sbin/pflogd sys/conf sys/contrib/altq/altq sys/contrib/pf/net sys/modules s... Message-ID: <4E6A3A0D.7020800@FreeBSD.org> In-Reply-To: <4E4E30A2.7040509@freebsd.org> References: <201106281157.p5SBvP5g048097@svn.freebsd.org> <EA6E6909-A42B-4CF2-891A-B8A80E2B8476@FreeBSD.org> <20110629192224.2283efc8@fabiankeil.de> <20110707193539.GA60591@dragon.NUXI.org> <CAPBZQG1ZOBJh0BMPH%2BkKAHfWJoYCubdGunncd5Bhd7y39-_fkA@mail.gmail.com> <20110708170240.GA59024@dragon.NUXI.org> <4E4BB39D.8070903@freebsd.org> <22DE2AEF-22A3-4B6E-9E24-DCF0EDF40933@lists.zabbadoz.net> <4E4BB602.2060205@freebsd.org> <CAPBZQG080N4xyDLG7y1rCprsa5oo7Dtshk1ny7j4-M3bEXhkaA@mail.gmail.com> <4E4BBCB0.4090003@freebsd.org> <CAPBZQG2kRYvzVsXdtdG54Jbu3oZF7NsW61kuqEboChX9tjEWrA@mail.gmail.com> <4E4DA196.7090304@userid.org> <4E4E30A2.7040509@freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 19.08.11 11:45, Florian Smeets wrote: > On 19.08.2011 01:34, Pierre Lamy wrote: >> I just found how to resolve the problem (1 minute ago) as I was also >> having the same issue. If you compile pf into the kernel, state removals >> are NOT performed at all. pftop will show you garbage null entries. >> Flushing current states works for real states, but the malloc is never >> cleared for the garbage entries. Eventually you will run out of memory >> (max state entries too high), or be unable to add any more states. A >> reboot is the only way to clear it. >> >> I recompiled as a module and not in the kernel, it "just works" without >> any special extra steps. >> > > I can confirm (using the same kernel sources as before) that using the > modules fixed the problem for me too. > Hi, does anybody have an idea what could cause this? I think this is something that should be fixed before the release, as this can cause quite some pain for people who compile pf into the kernel. I tried to track this down, but i failed. Should file a PR to track this? Thanks, Florian
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4E6A3A0D.7020800>