[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Questions on if_pfsync.c updates after 3.6 base.

Could any of the below changes to if_pfsync.c in cvs be related to my just
logged problem with random lost connections that only appears in a dual fw
environment with pfsync? The changes below are not applied as I use 3.6
release... I was not the only person that just like that started to see
random disconnects with floods of "P" flags. The firewalls are not heavy
Could I if I want just check out this and the header file and recompile
the kernel, or will there be any drawbacks?
Fix for PR3983
- Add a new PFSTATE_STALE flag to uncompressed state updates sent as a result
  of a stale state being detected, and prevent updates with this flag from
  generating similar messages.
- For the specific case where the state->src in the recieved update is ok but
  the state.dst is not, take the partial update, then "fail" to let the other
  peers pick up the better data that we have. From Chris Pascoe.
Clean up reference counting wrt state creation and destruction. Fixes
problems with adaptive timeouts, max-states limits, and rules not being
freed from memory.