This seems relevant to a lot of interest. commit 3a0038bfb239dd522057809c52d7d23dd2134c38
Author: Matthew Dillon <dillon at apollo.backplane.com <http://lists.dragonflybsd.org/mailman/listinfo/commits>> Date: Thu Jun 26 20:40:32 2014 -0700 pf - make the bulk of PF concurrent under normal operation * state and ip fragment tables are now per-cpu. * packet paths acquire pf_token shared instead of exclusive. Packet processing runs concurrently. * Any dynamic rules updates will run synchronously for now. * State expiration from the pfpurge thread runs synchronously for now. More work can be done here. * ioctl (and also pfsync) paths acquire pf_token exclusively. That is, primarily pfctl commands. This includes rules updates and state scans. More work can be done here. Summary of changes: sys/net/pf/Makefile | 2 + sys/net/pf/if_pfsync.c | 85 +++++++--- sys/net/pf/if_pfsync.h | 2 + sys/net/pf/pf.c | 260 ++++++++++++++++++++---------- sys/net/pf/pf_ioctl.c | 427 +++++++++++++++++++++++++++++++------------------ sys/net/pf/pf_norm.c | 118 ++++++++------ sys/net/pf/pfvar.h | 17 +- 7 files changed, 588 insertions(+), 323 deletions(-) http://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/3a0038bfb239dd522057809c52d7d23dd2134c38 -- DragonFly BSD source repository
