From 6b28b17d585d454ea87dd8758d18e8ff12486e1f Mon Sep 17 00:00:00 2001 From: Ryan Thomas McBride Date: Wed, 4 Feb 2004 10:43:19 +0000 Subject: Fix a number of bugs with setting pool limits which I introduced with source-tracking. Found by Pyun YongHyeon. Also add support to pfctl to set the src-nodes pool limit. "Luckily" some of the bugs cancel each other out; update kernel before pfctl. ok dhartmei@ --- sys/net/pf_ioctl.c | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) (limited to 'sys/net/pf_ioctl.c') diff --git a/sys/net/pf_ioctl.c b/sys/net/pf_ioctl.c index fa6640abb8c..33637b5467d 100644 --- a/sys/net/pf_ioctl.c +++ b/sys/net/pf_ioctl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pf_ioctl.c,v 1.100 2004/01/05 13:33:11 cedric Exp $ */ +/* $OpenBSD: pf_ioctl.c,v 1.101 2004/02/04 10:43:18 mcbride Exp $ */ /* * Copyright (c) 2001 Daniel Hartmeier @@ -119,8 +119,8 @@ pfattach(int num) pfi_initialize(); pf_osfp_initialize(); - pool_sethardlimit(&pf_state_pl, pf_pool_limits[PF_LIMIT_STATES].limit, - NULL, 0); + pool_sethardlimit(pf_pool_limits[PF_LIMIT_STATES].pp, + pf_pool_limits[PF_LIMIT_STATES].limit, NULL, 0); RB_INIT(&tree_src_tracking); TAILQ_INIT(&pf_anchors); @@ -1532,7 +1532,8 @@ pfioctl(dev_t dev, u_long cmd, caddr_t addr, int flags, struct proc *p) struct pfioc_limit *pl = (struct pfioc_limit *)addr; int old_limit; - if (pl->index < 0 || pl->index >= PF_LIMIT_MAX) { + if (pl->index < 0 || pl->index >= PF_LIMIT_MAX || + pf_pool_limits[pl->index].pp == NULL) { error = EINVAL; goto fail; } @@ -1543,8 +1544,6 @@ pfioctl(dev_t dev, u_long cmd, caddr_t addr, int flags, struct proc *p) } old_limit = pf_pool_limits[pl->index].limit; pf_pool_limits[pl->index].limit = pl->limit; - if (pl->index == PF_LIMIT_SRC_NODES) - pf_default_rule.max_src_nodes = pl->limit; pl->limit = old_limit; break; } -- cgit v1.2.3