Page MenuHomeFreeBSD
Differential D17734

pf: Limit the fragment entry queue length to 64 per bucket.
ClosedPublic
Actions

Authored by kp on Oct 28 2018, 6:30 AM.
Tags
None
Referenced Files
Unknown Object (File)
Mon, Nov 18, 9:23 AM
Unknown Object (File)
Sun, Nov 17, 11:21 PM
Unknown Object (File)
Sun, Nov 17, 8:58 PM
Unknown Object (File)
Sun, Nov 17, 7:10 PM
Unknown Object (File)
Sun, Nov 17, 5:04 PM
Unknown Object (File)
Sun, Nov 17, 4:40 PM
Unknown Object (File)
Sun, Nov 17, 4:23 PM
Unknown Object (File)
Sun, Nov 17, 4:14 PM
View All 84 Files
Subscribers
ae
eri
farrokhi
imp
melifaro

Details

Reviewers
eri
Group Reviewers
network
Commits
rG8de214ad4d22: pf: Limit the fragment entry queue length to 64 per bucket.
rS340062: pf: Limit the fragment entry queue length to 64 per bucket.
Summary

So we have a global limit of 1024 fragments, but it is fine grained to
the region of the packet. Smaller packets may have less fragments.
This costs another 16 bytes of memory per reassembly and devides the
worst case for searching by 8.

Obtained from: OpenBSD

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

kp created this revision.Oct 28 2018, 6:30 AM
Herald added subscribers: farrokhi, ae. · View Herald TranscriptOct 28 2018, 6:30 AM
Harbormaster completed remote builds in B20481: Diff 49719.Oct 28 2018, 6:30 AM
kp added a reviewer: network.Oct 28 2018, 6:31 AM
kp set the repository for this revision to rS FreeBSD src repository - subversion.
Herald added a subscriber: imp. · View Herald TranscriptOct 28 2018, 6:31 AM
eri accepted this revision.Oct 30 2018, 5:48 PM
eri added a subscriber: eri.
eri added inline comments.
sys/netpfil/pf/pf_norm.c
91 ↗(On Diff #49719)

Can you correct the formatting here?

This revision is now accepted and ready to land.Oct 30 2018, 5:48 PM
kp updated this revision to Diff 49869.Nov 1 2018, 10:58 AM

Formatting change.

This revision now requires review to proceed.Nov 1 2018, 10:58 AM
Harbormaster completed remote builds in B20563: Diff 49869.Nov 1 2018, 10:58 AM
This revision was not accepted when it landed; it landed in state Needs Review.Nov 2 2018, 3:32 PM
Closed by commit rS340062: pf: Limit the fragment entry queue length to 64 per bucket. (authored by kp). · Explain Why
This revision was automatically updated to reflect the committed changes.
kp added a commit: rG8de214ad4d22: pf: Limit the fragment entry queue length to 64 per bucket..Feb 28 2021, 4:05 PM
Herald added a subscriber: melifaro. · View Herald TranscriptFeb 28 2021, 4:05 PM

Revision Contents
Changeset List

PathSize
head/
sys/
net/
7 lines
netpfil/
pf/
34 lines

Diff 49939

View Options

head/sys/net/pfvar.h

Loading...
View Options

head/sys/netpfil/pf/pf_norm.c

Loading...