From owner-freebsd-pf@FreeBSD.ORG Thu Nov 20 10:05:57 2014 Return-Path: Delivered-To: freebsd-pf@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id B172ADD3 for ; Thu, 20 Nov 2014 10:05:57 +0000 (UTC) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 9925EEF4 for ; Thu, 20 Nov 2014 10:05:57 +0000 (UTC) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.14.9/8.14.9) with ESMTP id sAKA5vM0066260 for ; Thu, 20 Nov 2014 10:05:57 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-pf@FreeBSD.org Subject: [Bug 182401] [pf] pf state for some IPs reaches 4294967295 suspicously Date: Thu, 20 Nov 2014 10:05:57 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 10.1-RC2 X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: johan@300.nl X-Bugzilla-Status: In Discussion X-Bugzilla-Priority: Normal X-Bugzilla-Assigned-To: freebsd-pf@FreeBSD.org X-Bugzilla-Target-Milestone: --- X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: attachments.created Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: 7bit X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 20 Nov 2014 10:05:57 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=182401 --- Comment #7 from johans --- Created attachment 149638 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=149638&action=edit patch-races-pf-state-tracking.patch glebius@ was kind enough to send us his work in progress on this bug. We created a patch (attached) for ourselves which combines the use of counter(9) with the work done by glebius@. Now that these states are protected by the PF_STATE_LOCK the counter(9) changes are probably no longer needed, but leaving them in place definitely won't make things worse. For those looking to quickly fix this issue, we are running 10.1-RELEASE with this patch now and can confirm we are no longer seeing the problems at hand. -- You are receiving this mail because: You are the assignee for the bug.