Kajetan Staszkiewicz 452e6f549c pf: Merge pf_clear_srcnodes() and pf_kill_srcnodes() ... The functions pf_clear_srcnodes() and pf_kill_srcnodes() serve the same purpose, however the former kills all source nodes while the later only a selected subset of them. They differ in how they reach that goal. pf_clear_srcnodes() first iterates over all states and detaches the source nodes from them. Then it iterates over all source nodes and marks them as expired leaving the cleanup to pf_purge_expired_src_nodes(). If a new state and a new source node are created between iterating over all states and all source nodes, this source node will have its state counter set to 0 and expiry to 1, marking it as expired without properly detaching the state from it. Later the source node will be freed with the state sill pointing to it. The function pf_kill_srcnodes() performs the same operation in a safer manner by first marking the required source nodes as expiring and then iterating over all states and checking which states point to expiring nodes. Any source node created between iterating over states and source nodes will simply be ignored. Add functionality of killing all source nodes to pf_kill_srcnodes(). Replace all calls to pf_clear_srcnodes() with a calls to pf_kill_srcnodes(), and remove the former. Reviewed by: kp Approved by: kp (mentor) Differential Revision: https://reviews.freebsd.org/D47440		2024-11-12 18:17:11 +01:00
..
ipfilter/netinet	ipfilter: Remove dead code	2024-11-12 08:00:46 -08:00
ipfw	dummynet: fix pie	2024-09-06 12:34:33 -06:00
pf	pf: Merge pf_clear_srcnodes() and pf_kill_srcnodes()	2024-11-12 18:17:11 +01:00