On 20 May 2016, at 18:57, Max wrote:
20.05.2016 11:53, Kristof Provost пишет:
On 19 May 2016, at 19:49, Max wrote:
The number of used frags (almost) never decreases. I don't have
enough experience in programming. But I guess that the problem may
be in "frag->fr_timeout = time_second;" in pf_fi
Hello, Kristof.
20.05.2016 11:53, Kristof Provost пишет:
Hi Max,
On 19 May 2016, at 19:49, Max wrote:
The number of used frags (almost) never decreases. I don't have
enough experience in programming. But I guess that the problem may be
in "frag->fr_timeout = time_second;" in pf_fillup_fragm
Hi Max,
On 19 May 2016, at 19:49, Max wrote:
The number of used frags (almost) never decreases. I don't have enough
experience in programming. But I guess that the problem may be in
"frag->fr_timeout = time_second;" in pf_fillup_fragment() (pf_norm.c).
It should be "frag->fr_timeout = time_up
The value of "time_second" is a number of seconds since 1970, if I
understand correctly. It means that then condition "if (frag->fr_timeout
> expire)" in pf_purge_expired_fragments() should always evaluated to
"true" and hence there is no expiring happens.
The problem exists since 10.2.
__
Hello.
I have an issue with pf in FreeBSD 10.3-RELEASE-p2. Looks like there is
a problem with fragment expiring. It all began with kernel messages "PF
frag entries limit reached".
# sh -c "while true ; do date; { vmstat -z; pfctl -si; } | sed -n
'1p;/frag/p'; echo; sleep 5; done"
Thu May 19
