Re: kernel/2211: PF / Kernel problem, it filtered all ports



Try this. Create a nat.conf file with an arbitrary valid rule, copy that
line a couple of hundred thousand times. Run pfctl -d -N nat.conf.

panic: malloc: out of space in kmem_map
_malloc
_amap_extend
_uvm_map
_sys_obreak
_syscall
--- syscall (number 17) ---

This is not related to network traffic or mbufs. I assumed that it's ok
to call pool_get() until resources are exhausted (it will return NULL)
and that this case will just result in the pf ADDNAT ioctl call returning
ENOMEM gracefully. That's the point of all the pool_get() return value
checks against NULL, no? Why the panic, then?

If you take a look at pf's DIOCADDNAT code, it's rather simple, and the
NULL check is there.

Daniel