Page MenuHomeFreeBSD
Differential D50779

pf: Prevent infinite looping over tables in round-robin pools
ClosedPublic
Actions

Authored by vegeta_tuxpowered.net on Jun 10 2025, 3:16 PM.
Tags
None
Referenced Files
Unknown Object (File)
Sun, Apr 5, 3:07 PM
Unknown Object (File)
Sun, Apr 5, 2:42 PM
Unknown Object (File)
Sat, Apr 4, 3:17 PM
Unknown Object (File)
Fri, Apr 3, 2:27 AM
Unknown Object (File)
Fri, Mar 13, 11:30 PM
Unknown Object (File)
Mar 3 2026, 4:55 PM
Unknown Object (File)
Mar 2 2026, 8:15 PM
Unknown Object (File)
Feb 16 2026, 6:41 PM
View All 51 Files
Subscribers
ae
farrokhi
glebius
imp
melifaro

Details

Reviewers
kp
Commits
rG04dcbb44340f: pf: Prevent infinite looping over tables in round-robin pools
Summary

In FreeBSD each redirection pool (struct pf_kpool) consists of multiple
hosts (struct pf_addr_wrap). In OpenBSD that is not the case, and a
round-robin pool having a table as a host loops infinitely only over
that single table.

In FreeBSD once all addresses from a table are returned the pool must
iterate to the next host. Add a custom flag to have pfr_pool_get() break
its loop once it reaches the last index. Use this flag in round-robin
pools. When changing pool's host set index to 0 to always start
iterating each table from beginning.

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Revision Contents
Changeset List

PathSize
sys/
net/
2 lines
netpfil/
pf/
16 lines
4 lines
tests/
sys/
netpfil/
pf/
82 lines

Diff 158409

View Options

sys/net/pfvar.h

Loading...
View Options

sys/netpfil/pf/pf_lb.c

Loading...
View Options

sys/netpfil/pf/pf_table.c

Loading...
View Options

tests/sys/netpfil/pf/route_to.sh

Loading...