Date: Wed, 7 Mar 2012 11:36:02 +0000 (UTC) From: Gleb Smirnoff <glebius@FreeBSD.org> To: src-committers@freebsd.org, svn-src-projects@freebsd.org Subject: svn commit: r232655 - projects/pf/head/sys/contrib/pf/net Message-ID: <201203071136.q27Ba24q091461@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: glebius Date: Wed Mar 7 11:36:02 2012 New Revision: 232655 URL: http://svn.freebsd.org/changeset/base/232655 Log: Use ID lookup structure to run through all states in pfsync. This reduces pfsync's knowledge about state keys. > Description of fields to fill in above: 76 columns --| > PR: If a GNATS PR is affected by the change. > Submitted by: If someone else sent in the change. > Reviewed by: If someone else reviewed your modification. > Approved by: If you needed approval for this commit. > Obtained from: If the change is from a third party. > MFC after: N [day[s]|week[s]|month[s]]. Request a reminder email. > Security: Vulnerability reference (one per line) or description. > Empty fields above will be automatically removed. M if_pfsync.c Modified: projects/pf/head/sys/contrib/pf/net/if_pfsync.c Modified: projects/pf/head/sys/contrib/pf/net/if_pfsync.c ============================================================================== --- projects/pf/head/sys/contrib/pf/net/if_pfsync.c Wed Mar 7 11:29:43 2012 (r232654) +++ projects/pf/head/sys/contrib/pf/net/if_pfsync.c Wed Mar 7 11:36:02 2012 (r232655) @@ -682,8 +682,7 @@ pfsync_in_clr(struct pfsync_pkt *pkt, st int len = sizeof(*clr) * count; int i, offp; - struct pf_state *si, *st, *nexts; - struct pf_state_key *sk, *nextsk; + struct pf_state *st, *nexts; u_int32_t creatorid; mp = m_pulldown(m, offset, len, &offp); @@ -697,39 +696,22 @@ pfsync_in_clr(struct pfsync_pkt *pkt, st for (i = 0; i < count; i++) { creatorid = clr[i].creatorid; - if (clr[i].ifname[0] == '\0') { - PF_KEYS_LOCK(); - PF_IDS_LOCK(); - for (st = RB_MIN(pf_state_tree_id, &V_tree_id); - st; st = nexts) { - nexts = RB_NEXT(pf_state_tree_id, &V_tree_id, st); - if (st->creatorid == creatorid) { - SET(st->state_flags, PFSTATE_NOSYNC); - pf_unlink_state(st, 1); - } - } - PF_IDS_UNLOCK(); - PF_KEYS_UNLOCK(); - } else { - if (pfi_kif_get(clr[i].ifname) == NULL) - continue; + if (clr[i].ifname[0] != '\0' && + pfi_kif_get(clr[i].ifname) == NULL) + continue; - PF_KEYS_LOCK(); - /* XXX correct? */ - for (sk = RB_MIN(pf_state_tree, &V_pf_statetbl); - sk; sk = nextsk) { - nextsk = RB_NEXT(pf_state_tree, - &V_pf_statetbl, sk); - TAILQ_FOREACH(si, &sk->states, key_list) { - if (si->creatorid == creatorid) { - SET(si->state_flags, - PFSTATE_NOSYNC); - pf_unlink_state(si, 0); - } - } + PF_KEYS_LOCK(); + PF_IDS_LOCK(); + for (st = RB_MIN(pf_state_tree_id, &V_tree_id); + st; st = nexts) { + nexts = RB_NEXT(pf_state_tree_id, &V_tree_id, st); + if (st->creatorid == creatorid) { + SET(st->state_flags, PFSTATE_NOSYNC); + pf_unlink_state(st, 1); } - PF_KEYS_UNLOCK(); } + PF_IDS_UNLOCK(); + PF_KEYS_UNLOCK(); } PF_UNLOCK();
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201203071136.q27Ba24q091461>