1/* $OpenBSD: pf.c,v 1.634 2009/02/27 12:37:45 henning Exp $ */ 2 3/* 4 * Copyright (c) 2001 Daniel Hartmeier 5 * Copyright (c) 2002 - 2008 Henning Brauer 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without --- 26 unchanged lines hidden (view full) --- 35 * 36 */ 37 38#ifdef __FreeBSD__ 39#include "opt_inet.h" 40#include "opt_inet6.h" 41 42#include <sys/cdefs.h> |
43__FBSDID("$FreeBSD: stable/9/sys/contrib/pf/net/pf.c 226796 2011-10-26 15:36:48Z bz $"); |
44#endif 45 46#ifdef __FreeBSD__ 47#include "opt_bpf.h" 48#include "opt_pf.h" 49 50#ifdef DEV_BPF 51#define NBPFILTER DEV_BPF --- 1285 unchanged lines hidden (view full) --- 1337#endif 1338 1339 CURVNET_SET((struct vnet *)v); 1340 1341 for (;;) { 1342 tsleep(pf_purge_thread, PWAIT, "pftm", 1 * hz); 1343 1344#ifdef __FreeBSD__ |
1345 sx_slock(&V_pf_consistency_lock); |
1346 PF_LOCK(); |
1347 locked = 0; |
1348 |
1349 if (V_pf_end_threads) { 1350 PF_UNLOCK(); 1351 sx_sunlock(&V_pf_consistency_lock); 1352 sx_xlock(&V_pf_consistency_lock); 1353 PF_LOCK(); |
1354 |
1355 pf_purge_expired_states(V_pf_status.states, 1); 1356 pf_purge_expired_fragments(); 1357 pf_purge_expired_src_nodes(1); 1358 V_pf_end_threads++; 1359 1360 sx_xunlock(&V_pf_consistency_lock); 1361 PF_UNLOCK(); 1362 wakeup(pf_purge_thread); 1363 kproc_exit(0); 1364 } |
1365#endif 1366 s = splsoftnet(); 1367 1368 /* process a fraction of the state table every second */ 1369#ifdef __FreeBSD__ |
1370 if (!pf_purge_expired_states(1 + (V_pf_status.states / 1371 V_pf_default_rule.timeout[PFTM_INTERVAL]), 0)) { 1372 PF_UNLOCK(); 1373 sx_sunlock(&V_pf_consistency_lock); 1374 sx_xlock(&V_pf_consistency_lock); 1375 PF_LOCK(); 1376 locked = 1; |
1377 |
1378 pf_purge_expired_states(1 + (V_pf_status.states / 1379 V_pf_default_rule.timeout[PFTM_INTERVAL]), 1); 1380 } |
1381#else 1382 pf_purge_expired_states(1 + (pf_status.states 1383 / pf_default_rule.timeout[PFTM_INTERVAL])); 1384#endif 1385 1386 /* purge other expired types every PFTM_INTERVAL seconds */ 1387#ifdef __FreeBSD__ 1388 if (++nloops >= V_pf_default_rule.timeout[PFTM_INTERVAL]) { --- 232 unchanged lines hidden (view full) --- 1621pf_free_state(struct pf_state *cur) 1622{ 1623#ifndef __FreeBSD__ 1624 splassert(IPL_SOFTNET); 1625#endif 1626 1627#if NPFSYNC > 0 1628#ifdef __FreeBSD__ |
1629 if (pfsync_state_in_use_ptr != NULL && 1630 pfsync_state_in_use_ptr(cur)) |
1631#else 1632 if (pfsync_state_in_use(cur)) 1633#endif 1634 return; 1635#endif 1636#ifdef __FreeBSD__ 1637 KASSERT(cur->timeout == PFTM_UNLINKED, 1638 ("pf_free_state: cur->timeout != PFTM_UNLINKED")); --- 5987 unchanged lines hidden --- |