Date: Thu, 10 Dec 2009 10:22:09 -0800 From: Derek Kulinski <takeda@takeda.tk> To: Max Laier <max@love2party.net> Cc: freebsd-stable@freebsd.org Subject: Re: pf: unlocked lookup Message-ID: <124905177.20091210102209@takeda.tk> In-Reply-To: <200912101838.42013.max@love2party.net> References: <20091210034512.GA28864@chinatsu.takeda.tk> <200912101838.42013.max@love2party.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Hello Max, Thursday, December 10, 2009, 9:38:41 AM, you wrote: > this is a generic informational message that was put into the code to figure > out if the hack that is "debug.pfugidhack" is actually required. You can get > rid of the message by setting the debug level of pf to something below "misc" > (e.g. pfctl -x urgent). Well, the hack actually is required, my system crashes when I disable it. > The pfugidhack is automatically enabled when you use rules with user or group > filters. These rules are a layering violation and the hack is required to > make them work. I'd rather get rid of them altogether, but since it is a much > demanded functionality we introduced the workaround instead. > Just lower the debugging level (s.a.), ignore the messages, or rebuild your > kernel/pf module with the respective DPRINTF lines (sys/contrib/pf/net/pf.c) > commented out. I might just move them to the loud level in the main tree, > though. So if I understand correctly, chances of fixing the workaround are really small? At least now I know how to disable those messages, thanks. -- Best regards, Derek mailto:takeda@takeda.tk Come to think of it, there are already a million monkeys on a million typewriters, and Usenet is *nothing* like Shakespeare. -- Blair Houghton
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?124905177.20091210102209>