git: network - Fix PF mis-handling and other bugs

Matthew Dillon dillon at
Wed Sep 22 00:08:24 PDT 2010

commit aa1da1872e577bc6cbfed56abcf10828532075f3
Author: Matthew Dillon <dillon at>
Date:   Wed Sep 22 00:01:08 2010 -0700

    network - Fix PF mis-handling and other bugs
    * The mbuf subsystem does NOT clear* fields on mbuf allocation.
      PF was assuming that pf.flags was being cleared.  Instead move the
      PF_TAG_GENERATED flag from pf.flags to fw_flags and call it PF_MBUF_TAGGED.
      The fw_flags field is cleared by the mbuf subsystem.
      Then clear pf.flags whenever we set PF_MBUF_TAGGED or determine that it
      has not been set.
      This fixes a serious bug where the PF filters start missing packets,
      increasing from system boot.  This is because more and more packets in
      the objcache wind up with non-zero pf.flags which cause PF to pass
      the packet unconditionally.
      For example NAT packets would wind up in the normal protocol stack which
      would of course would get confused and generate a RST.
    * Move the 'cur' static pointer in pf_purge_expired_states() up a bit
      so pf_free_state() can access it and rename it 'purge_cur'.
      Adjust pf_free_state() to iterate purge_cur when it matches the state
      being destroyed.
    * Protect the pf_purge_thread() with pf_token, it was depending on the MP
      lock before which definitely does not do the job.
    * Flag the pfil hook as being MPSAFE.
    Reported-by: "Jan Lentfer" <Jan.Lentfer at>

Summary of changes:
 sys/net/pf/pf.c       |   82 +++++++++++++++++++++++++++++++++++++-----------
 sys/net/pf/pf_ioctl.c |    9 ++---
 sys/net/pf/pfvar.h    |    7 +++-
 3 files changed, 73 insertions(+), 25 deletions(-)

DragonFly BSD source repository

More information about the Commits mailing list