* Josh <[EMAIL PROTECTED]> [2007-11-26 21:57]: > Henning Brauer wrote: > > Thanks David for this pointer. It may very well be the same issue. > Even though the two bridged interfaces are em(4) (1 Gb/s), the > Out-of-Band Management (OOBM) interface is fxp(4) that carries two > VLANs, one for pfsync(4), and one for command&control/monitoring. > > the leak had nothing to do with fxp. > it's simply a generic memory leak in a state insertion error path that > single firewalls tend to trigger seldom if at all, but pfsync > regularily hits. > > Still, I will given Henning's patch a try, while waiting for results > of the instrumentation with 'vmstat -m', as suggested by the previous > responder. > > if you're running pfsync i make bets it is that. > if you look at vmstat -m and pfstatekeypl has more objects in use than > pfstatepl you know it is that. > > Yeah your patch thankfully does fix the problem. Just had another pair of > 4.2 boxes > fall over from the same bug this morning. > > Is it serious enough to put an errata note up?
assuming no ill effects from the fix show up, yes, soon. -- Henning Brauer, [EMAIL PROTECTED], [EMAIL PROTECTED] BS Web Services, http://bsws.de Full-Service ISP - Secure Hosting, Mail and DNS Services Dedicated Servers, Rootservers, Application Hosting - Hamburg & Amsterdam