change pool allocation of table entries, no longer use the oldnointr

allocator and two pools, but PR_WAITOK when called from non-interrupt
context (ioctl). add configurable hard limits for tables and table
entries (set limit tables/table-entries), defaulting to 1000/100000.
ok aaron@, henning@, mcbride@, art@

1 files changed, 6 insertions, 2 deletions

diff --git a/sys/net/pfvar.h b/sys/net/pfvar.h
index bde89c0863e..aed89e219ed 100644
--- a/sys/net/pfvar.h
+++ b/sys/net/pfvar.h
@@ -1,4 +1,4 @@
-/*	$OpenBSD: pfvar.h,v 1.216 2005/05/23 22:30:21 henning Exp $ */
+/*	$OpenBSD: pfvar.h,v 1.217 2005/05/23 23:28:53 dhartmei Exp $ */
 
 /*
  * Copyright (c) 2001 Daniel Hartmeier
@@ -94,7 +94,8 @@ enum	{ PFTM_TCP_FIRST_PACKET, PFTM_TCP_OPENING, PFTM_TCP_ESTABLISHED,
 #define PFTM_TS_DIFF_VAL		30	/* Allowed TS diff */
 
 enum	{ PF_NOPFROUTE, PF_FASTROUTE, PF_ROUTETO, PF_DUPTO, PF_REPLYTO };
-enum	{ PF_LIMIT_STATES, PF_LIMIT_SRC_NODES, PF_LIMIT_FRAGS, PF_LIMIT_MAX };
+enum	{ PF_LIMIT_STATES, PF_LIMIT_SRC_NODES, PF_LIMIT_FRAGS,
+	  PF_LIMIT_TABLES, PF_LIMIT_TABLE_ENTRIES, PF_LIMIT_MAX };
 #define PF_POOL_IDMASK		0x0f
 enum	{ PF_POOL_NONE, PF_POOL_BITMASK, PF_POOL_RANDOM,
 	  PF_POOL_SRCHASH, PF_POOL_ROUNDROBIN };
@@ -1111,6 +1112,9 @@ struct pf_tagname {
 #define PFFRAG_FRCENT_HIWAT	50000	/* Number of fragment cache entries */
 #define PFFRAG_FRCACHE_HIWAT	10000	/* Number of fragment descriptors */
 
+#define PFR_KTABLE_HIWAT	1000	/* Number of tables */
+#define PFR_KENTRY_HIWAT	100000	/* Number of table entries */
+
 /*
  * ioctl parameter structures
  */