freebsd-dev

History

Mark Johnston e6aed06fdf pf: Fix table entry counter toggling When updating a table, pf will keep existing table entry structures corresponding to addresses that are in both of the old and new tables. However, the update may also enable or disable per-entry counters which are allocated separately. Thus when toggling PFR_TFLAG_COUNTERS, the entries may be missing counters or may have unused counters allocated. Fix the problem by modifying pfr_ina_commit() to transfer counters from or to entries in the shadow table. PR: 251414 Reported by: sigsys@gmail.com Reviewed by: kp MFC after: 1 week Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D27440	2020-12-02 16:01:43 +00:00
..
ipfw	Add dtrace SDT probe ipfw:::rule-matched.	2020-10-21 15:01:33 +00:00
pf	pf: Fix table entry counter toggling	2020-12-02 16:01:43 +00:00

Mark Johnston e6aed06fdf pf: Fix table entry counter toggling

When updating a table, pf will keep existing table entry structures
corresponding to addresses that are in both of the old and new tables.
However, the update may also enable or disable per-entry counters which
are allocated separately.  Thus when toggling PFR_TFLAG_COUNTERS, the
entries may be missing counters or may have unused counters allocated.

Fix the problem by modifying pfr_ina_commit() to transfer counters
from or to entries in the shadow table.

PR:		251414
Reported by:	sigsys@gmail.com
Reviewed by:	kp
MFC after:	1 week
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D27440

2020-12-02 16:01:43 +00:00

ipfw

Add dtrace SDT probe ipfw:::rule-matched.

2020-10-21 15:01:33 +00:00

pf: Fix table entry counter toggling

2020-12-02 16:01:43 +00:00