From 8e2b1533d49e59c98ecc5b075ae7d77c923e8e98 Mon Sep 17 00:00:00 2001 From: Eygene Ryabinkin Date: Fri, 1 Mar 2013 23:16:24 +0400 Subject: [PATCH 1/2] Pfsync: correct update wait logics Since we want updates to be pushed regularily, there is a check for the time interval from the last update. Before this patch it used to be (T_now - T_lastupdate < 2), thus it will update the states if the previous update was no more than 2 seconds ago, so all updates that are more than 2 seconds old will be pushed only when enough TCP packet state changes will be collected and 'sync' will be set to non-zero. For guaranteed timely updates we must use (T_now - T_lastupdate >= 2) to make update period to be slightly more than 2 seconds. Signed-off-by: Eygene Ryabinkin --- sys/contrib/pf/net/if_pfsync.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/sys/contrib/pf/net/if_pfsync.c b/sys/contrib/pf/net/if_pfsync.c index f7922d4..9942645 100644 --- a/sys/contrib/pf/net/if_pfsync.c +++ b/sys/contrib/pf/net/if_pfsync.c @@ -148,6 +148,8 @@ __FBSDID("$FreeBSD$"); sizeof(struct pfsync_subheader) + \ sizeof(struct pfsync_eof)) +#define PFSYNC_MAX_UPD_WAIT 2 + struct pfsync_pkt { struct ip *ip; struct in_addr src; @@ -2599,7 +2601,7 @@ pfsync_update_state(struct pf_state *st) st->sync_state); } - if (sync || (time_uptime - st->pfsync_time) < 2) { + if (sync || (time_uptime - st->pfsync_time) >= PFSYNC_MAX_UPD_WAIT) { pfsync_upds++; schednetisr(NETISR_PFSYNC); } -- 1.8.1