Date: Sat, 5 Apr 1997 20:44:22 +1000 (EST) From: proff@suburbia.net To: hackers@freebsd.org Subject: ipfilter Message-ID: <19970405104422.22327.qmail@suburbia.net>
next in thread | raw e-mail | index | archive | help
I have almost completed my ipfilter-current integration. If anyone has any outstanding code can they please send it to me. ps. darren: I'm considering breaking out nearly all of your #includes into seven different files: conf.h dns.h netkern.h kernel.h types.h netinet.h user.h At the moment the <includes> are a mess and not easily maintainable across platforms. The changes in FreeBSD's include files don't help, but ipfilter should be able to adapt more easily to such conflicts. I still haven't nailed the mbuf leak in the tcp-state following code. I've stopped the various panics that occur when pass returns strange values, nonetheless ipf was happy to eat over a 1000k in data mbuf's with only a few dozen concurrently active connections last night, and a high-water (according to ipfstat) of 78 connections. e.g 1408/1440 mbufs in use: 1391 mbufs allocated to data 1 mbufs allocated to packet headers 13 mbufs allocated to protocol control blocks 3 mbufs allocated to socket names and addresses 313/318 mbuf clusters in use 816 Kbytes allocated to network (98% in use) 0 requests for memory denied 0 requests for memory delayed 0 calls to protocol drain routines -- Prof. Julian Assange |If you want to build a ship, don't drum up people |together to collect wood and don't assign them tasks proff@suburbia.net |and work, but rather teach them to long for the endless proff@gnu.ai.mit.edu |immensity of the sea. -- Antoine de Saint Exupery
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19970405104422.22327.qmail>