pf: Prevent infinite looping over tables in round-robin pools
AcceptedPublic
Actions

Authored by vegeta_tuxpowered.net on Tue, Jun 10, 3:16 PM.

Tags

None

Referenced Files

	F120521691: D50779.diff
	Wed, Jun 18, 6:16 PM

	Unknown Object (File)
	Tue, Jun 17, 12:02 AM

	Unknown Object (File)
	Tue, Jun 17, 12:02 AM

	Unknown Object (File)
	Mon, Jun 16, 10:07 PM

	Unknown Object (File)
	Sun, Jun 15, 7:19 PM

	Unknown Object (File)
	Fri, Jun 13, 1:30 AM

	Unknown Object (File)
	Fri, Jun 13, 1:25 AM

	Unknown Object (File)
	Fri, Jun 13, 12:56 AM

Subscribers

Details

Reviewers

Summary

In FreeBSD each redirection pool (struct pf_kpool) consists of multiple
hosts (struct pf_addr_wrap). In OpenBSD that is not the case, and a
round-robin pool having a table as a host loops infinitely only over
that single table.

In FreeBSD once all addresses from a table are returned the pool must
iterate to the next host. Add a custom flag to have pfr_pool_get() break
its loop once it reaches the last index. Use this flag in round-robin
pools. When changing pool's host set index to 0 to always start
iterating each table from beginning.