Page MenuHomeFreeBSD
Differential D17734

pf: Limit the fragment entry queue length to 64 per bucket.
ClosedPublic
Actions

Authored by kp on Oct 28 2018, 6:30 AM.
Tags
None
Referenced Files
Unknown Object (File)
Fri, Apr 12, 7:18 PM
Unknown Object (File)
Wed, Mar 27, 10:31 PM
Unknown Object (File)
Jan 29 2024, 12:05 AM
Unknown Object (File)
Jan 28 2024, 9:40 PM
Unknown Object (File)
Jan 7 2024, 10:28 AM
Unknown Object (File)
Dec 23 2023, 9:38 AM
Unknown Object (File)
Dec 14 2023, 10:06 PM
Unknown Object (File)
Nov 17 2023, 2:05 AM
View All 36 Files
Subscribers
ae
eri
farrokhi
imp
melifaro

Details

Reviewers
eri
Group Reviewers
network
Commits
rG8de214ad4d22: pf: Limit the fragment entry queue length to 64 per bucket.
rS340062: pf: Limit the fragment entry queue length to 64 per bucket.
Summary

So we have a global limit of 1024 fragments, but it is fine grained to
the region of the packet. Smaller packets may have less fragments.
This costs another 16 bytes of memory per reassembly and devides the
worst case for searching by 8.

Obtained from: OpenBSD

Diff Detail

Lint
Lint Passed
Unit
No Test Coverage
Build Status
Buildable 20481
Build 19913: arc lint + arc unit

Event Timeline

kp created this revision.Oct 28 2018, 6:30 AM
Herald added subscribers: farrokhi, ae. · View Herald TranscriptOct 28 2018, 6:30 AM
Harbormaster completed remote builds in B20481: Diff 49719.Oct 28 2018, 6:30 AM
kp added a reviewer: network.Oct 28 2018, 6:31 AM
kp set the repository for this revision to rS FreeBSD src repository - subversion.
Herald added a subscriber: imp. · View Herald TranscriptOct 28 2018, 6:31 AM
eri accepted this revision.Oct 30 2018, 5:48 PM
eri added a subscriber: eri.
eri added inline comments.
sys/netpfil/pf/pf_norm.c
91

Can you correct the formatting here?

This revision is now accepted and ready to land.Oct 30 2018, 5:48 PM
kp updated this revision to Diff 49869.Nov 1 2018, 10:58 AM

Formatting change.

This revision now requires review to proceed.Nov 1 2018, 10:58 AM
Harbormaster completed remote builds in B20563: Diff 49869.Nov 1 2018, 10:58 AM
This revision was not accepted when it landed; it landed in state Needs Review.Nov 2 2018, 3:32 PM
Closed by commit rS340062: pf: Limit the fragment entry queue length to 64 per bucket. (authored by kp). · Explain Why
This revision was automatically updated to reflect the committed changes.
kp added a commit: rG8de214ad4d22: pf: Limit the fragment entry queue length to 64 per bucket..Feb 28 2021, 4:05 PM
Herald added a subscriber: melifaro. · View Herald TranscriptFeb 28 2021, 4:05 PM

Revision Contents
Changeset List

PathSize
sys/
net/
7 lines
netpfil/
pf/
34 lines

Diff 49719

View Options

sys/net/pfvar.h

Loading...
View Options

sys/netpfil/pf/pf_norm.c

Loading...