Page MenuHomeFreeBSD
Differential D50779

pf: Prevent infinite looping over tables in round-robin pools
ClosedPublic
Actions

Authored by vegeta_tuxpowered.net on Jun 10 2025, 3:16 PM.
Tags
None
Referenced Files
Unknown Object (File)
Sun, Jan 25, 8:39 AM
Unknown Object (File)
Sun, Jan 25, 12:27 AM
Unknown Object (File)
Tue, Jan 20, 8:38 PM
Unknown Object (File)
Dec 19 2025, 2:44 PM
Unknown Object (File)
Dec 12 2025, 2:08 PM
Unknown Object (File)
Dec 1 2025, 5:12 AM
Unknown Object (File)
Nov 15 2025, 8:30 PM
Unknown Object (File)
Nov 4 2025, 1:26 AM
View All 42 Files
Subscribers
ae
farrokhi
glebius
imp
melifaro

Details

Reviewers
kp
Commits
rG04dcbb44340f: pf: Prevent infinite looping over tables in round-robin pools
Summary

In FreeBSD each redirection pool (struct pf_kpool) consists of multiple
hosts (struct pf_addr_wrap). In OpenBSD that is not the case, and a
round-robin pool having a table as a host loops infinitely only over
that single table.

In FreeBSD once all addresses from a table are returned the pool must
iterate to the next host. Add a custom flag to have pfr_pool_get() break
its loop once it reaches the last index. Use this flag in round-robin
pools. When changing pool's host set index to 0 to always start
iterating each table from beginning.

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Revision Contents
Changeset List

PathSize
sys/
net/
2 lines
netpfil/
pf/
16 lines
4 lines
tests/
sys/
netpfil/
pf/
82 lines

Diff 158409

View Options

sys/net/pfvar.h

Loading...
View Options

sys/netpfil/pf/pf_lb.c

Loading...
View Options

sys/netpfil/pf/pf_table.c

Loading...
View Options

tests/sys/netpfil/pf/route_to.sh

Loading...