From owner-freebsd-pf@FreeBSD.ORG  Wed Oct 19 09:01:01 2011
Return-Path: <owner-freebsd-pf@FreeBSD.ORG>
Delivered-To: freebsd-pf@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 93CA5106566C
	for <freebsd-pf@freebsd.org>; Wed, 19 Oct 2011 09:01:01 +0000 (UTC)
	(envelope-from bzeeb-lists@lists.zabbadoz.net)
Received: from mx1.sbone.de (mx1.sbone.de [IPv6:2a01:4f8:130:3ffc::401:25])
	by mx1.freebsd.org (Postfix) with ESMTP id 4ACFF8FC20
	for <freebsd-pf@freebsd.org>; Wed, 19 Oct 2011 09:01:01 +0000 (UTC)
Received: from mail.sbone.de (mail.sbone.de [IPv6:fde9:577b:c1a9:31::2013:587])
	(using TLSv1 with cipher ADH-CAMELLIA256-SHA (256/256 bits))
	(No client certificate requested)
	by mx1.sbone.de (Postfix) with ESMTPS id 91C5C25D38A5
	for <freebsd-pf@freebsd.org>; Wed, 19 Oct 2011 09:01:00 +0000 (UTC)
Received: from content-filter.sbone.de (content-filter.sbone.de
	[IPv6:fde9:577b:c1a9:31::2013:2742])
	(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mail.sbone.de (Postfix) with ESMTPS id C6E81BD3C55
	for <freebsd-pf@freebsd.org>; Wed, 19 Oct 2011 09:00:59 +0000 (UTC)
X-Virus-Scanned: amavisd-new at sbone.de
Received: from mail.sbone.de ([IPv6:fde9:577b:c1a9:31::2013:587])
	by content-filter.sbone.de (content-filter.sbone.de
	[fde9:577b:c1a9:31::2013:2742]) (amavisd-new, port 10024)
	with ESMTP id 4QWa-LOpfXWC for <freebsd-pf@freebsd.org>;
	Wed, 19 Oct 2011 09:00:58 +0000 (UTC)
Received: from orange-en1.sbone.de (orange-en1.sbone.de
	[IPv6:fde9:577b:c1a9:31:cabc:c8ff:fecf:e8e3])
	(using TLSv1 with cipher AES128-SHA (128/128 bits))
	(No client certificate requested)
	by mail.sbone.de (Postfix) with ESMTPSA id A1AC1BD3C65
	for <freebsd-pf@freebsd.org>; Wed, 19 Oct 2011 09:00:58 +0000 (UTC)
From: "Bjoern A. Zeeb" <bzeeb-lists@lists.zabbadoz.net>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: quoted-printable
Date: Wed, 19 Oct 2011 09:00:58 +0000
References: <201110190857.p9J8vHBJ013030@svn.freebsd.org>
To: freebsd-pf@freebsd.org
Message-Id: <A9A739C5-17A7-483E-833C-6C7D8FDF7FCA@lists.zabbadoz.net>
Mime-Version: 1.0 (Apple Message framework v1084)
X-Mailer: Apple Mail (2.1084)
Subject: Fix for no state removal if compiled into kernel ... Fwd: svn
	commit: r226530 - head/sys/contrib/pf/net
X-BeenThere: freebsd-pf@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Technical discussion and general questions about packet filter
	\(pf\)" <freebsd-pf.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-pf>,
	<mailto:freebsd-pf-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-pf>
List-Post: <mailto:freebsd-pf@freebsd.org>
List-Help: <mailto:freebsd-pf-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-pf>,
	<mailto:freebsd-pf-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 19 Oct 2011 09:01:01 -0000

Hi,

for all of you.  pfsync will be next.  If you want to fetch the patch, =
it's also here:
http://people.freebsd.org/~bz/20111019-01-pf-state-removal.diff

I'll make sure it'll be part of RC2.

/bz

Begin forwarded message:

> From: "Bjoern A. Zeeb" <bz@FreeBSD.org>
> Date: 19. October 2011 08:57:17 GMT+00:00
> To: src-committers@freebsd.org, svn-src-all@freebsd.org, =
svn-src-head@freebsd.org
> Subject: svn commit: r226530 - head/sys/contrib/pf/net
>=20
> Author: bz
> Date: Wed Oct 19 08:57:17 2011
> New Revision: 226530
> URL: http://svn.freebsd.org/changeset/base/226530
>=20
> Log:
>  Fix a bug when NPFSYNC > 0 that on FreeBSD we would always return
>  and never remove state.
>=20
>  This fixes the problem some people are seeing that state is removed =
when pf
>  is loaded as a module but not in situations when compiled into the =
kernel.
>=20
>  Reported by:	many on freebsd-pf
>  Tested by:	flo
>  MFC after:	3 days
>=20
> Modified:
>  head/sys/contrib/pf/net/pf.c
>=20
> Modified: head/sys/contrib/pf/net/pf.c
> =
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D
> --- head/sys/contrib/pf/net/pf.c	Wed Oct 19 08:52:14 2011	=
(r226529)
> +++ head/sys/contrib/pf/net/pf.c	Wed Oct 19 08:57:17 2011	=
(r226530)
> @@ -1626,8 +1626,8 @@ pf_free_state(struct pf_state *cur)
>=20
> #if NPFSYNC > 0
> #ifdef __FreeBSD__
> -	if (pfsync_state_in_use_ptr !=3D NULL)
> -		pfsync_state_in_use_ptr(cur);
> +	if (pfsync_state_in_use_ptr !=3D NULL &&
> +		pfsync_state_in_use_ptr(cur))
> #else
> 	if (pfsync_state_in_use(cur))
> #endif

--=20
Bjoern A. Zeeb                                 You have to have visions!
         Stop bit received. Insert coin for new address family.