Re: How to have more than 15 pflog interfaces?
* Siju George [2012-05-04 08:44]:
> On Thu, Apr 12, 2012 at 3:44 AM, Henning Brauer
> wrote:
> > diffs are for current of course but should work for 5.1 as well -
> > dunno what you are trying.
> I have upgraded my firewall to 5.1
> could you please give ma a unified diff or something I can try
Index: if_pflog.c
===
RCS file: /cvs/src/sys/net/if_pflog.c,v
retrieving revision 1.49
diff -u -p -r1.49 if_pflog.c
--- if_pflog.c 3 Feb 2012 01:57:50 - 1.49
+++ if_pflog.c 4 May 2012 08:59:00 -
@@ -80,6 +80,7 @@
#endif
void pflogattach(int);
+intpflogifs_resize(size_t);
intpflogoutput(struct ifnet *, struct mbuf *, struct sockaddr *,
struct rtentry *);
intpflogioctl(struct ifnet *, u_long, caddr_t);
@@ -91,16 +92,14 @@ LIST_HEAD(, pflog_softc)pflogif_list;
struct if_clonepflog_cloner =
IF_CLONE_INITIALIZER("pflog", pflog_clone_create, pflog_clone_destroy);
-struct ifnet *pflogifs[PFLOGIFS_MAX];/* for fast access */
-struct mbuf*pflog_mhdr = NULL, *pflog_mptr = NULL;
+int npflogifs = 0;
+struct ifnet **pflogifs = NULL; /* for fast access */
+struct mbuf *pflog_mhdr = NULL, *pflog_mptr = NULL;
void
pflogattach(int npflog)
{
- int i;
LIST_INIT(&pflogif_list);
- for (i = 0; i < PFLOGIFS_MAX; i++)
- pflogifs[i] = NULL;
if (pflog_mhdr == NULL)
if ((pflog_mhdr = m_get(M_DONTWAIT, MT_HEADER)) == NULL)
panic("pflogattach: no mbuf");
@@ -111,15 +110,39 @@ pflogattach(int npflog)
}
int
+pflogifs_resize(size_t n)
+{
+ struct ifnet**p;
+ int i;
+
+ if (n > SIZE_MAX / sizeof(struct ifnet))
+ return (EINVAL);
+ if (n == 0)
+ p = NULL;
+ else
+ if ((p = malloc(n * sizeof(struct ifnet), M_DEVBUF,
+ M_NOWAIT|M_ZERO)) == NULL)
+ return (ENOMEM);
+ for (i = 0; i < n; i++)
+ if (i < npflogifs)
+ p[i] = pflogifs[i];
+ else
+ p[i] = NULL;
+
+ if (pflogifs)
+ free(pflogifs, M_DEVBUF);
+ pflogifs = p;
+ npflogifs = n;
+ return (0);
+}
+
+int
pflog_clone_create(struct if_clone *ifc, int unit)
{
struct ifnet *ifp;
struct pflog_softc *pflogif;
int s;
- if (unit >= PFLOGIFS_MAX)
- return (EINVAL);
-
if ((pflogif = malloc(sizeof(*pflogif),
M_DEVBUF, M_NOWAIT|M_ZERO)) == NULL)
return (ENOMEM);
@@ -144,6 +167,10 @@ pflog_clone_create(struct if_clone *ifc,
s = splnet();
LIST_INSERT_HEAD(&pflogif_list, pflogif, sc_list);
+ if (unit + 1 > npflogifs && pflogifs_resize(unit + 1) != 0) {
+ splx(s);
+ return (ENOMEM);
+ }
pflogifs[unit] = ifp;
splx(s);
@@ -154,11 +181,16 @@ int
pflog_clone_destroy(struct ifnet *ifp)
{
struct pflog_softc *pflogif = ifp->if_softc;
- int s;
+ int s, i;
s = splnet();
pflogifs[pflogif->sc_unit] = NULL;
LIST_REMOVE(pflogif, sc_list);
+
+ for (i = npflogifs; i > 0 && pflogifs[i - 1] == NULL; i--)
+ ; /* nothing */
+ if (i < npflogifs)
+ pflogifs_resize(i); /* error harmless here */
splx(s);
if_detach(ifp);
@@ -225,7 +257,8 @@ pflog_packet(struct pf_pdesc *pd, u_int8
if (rm == NULL || pd == NULL || pd->kif == NULL || pd->m == NULL)
return (-1);
- if ((ifn = pflogifs[rm->logif]) == NULL || !ifn->if_bpf)
+ if (rm->logif >= npflogifs || (ifn = pflogifs[rm->logif]) == NULL ||
+ !ifn->if_bpf)
return (0);
bzero(&hdr, sizeof(hdr));
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed
Henning Brauer Consulting, http://henningbrauer.com/
Re: How to have more than 15 pflog interfaces?
On Thu, Apr 12, 2012 at 3:44 AM, Henning Brauer wrote: > diffs are for current of course but should work for 5.1 as well - > dunno what you are trying. > Dear Henning, I have upgraded my firewall to 5.1 could you please give ma a unified diff or something I can try Thanks Siju
Re: How to have more than 15 pflog interfaces?
On Thu, Apr 12, 2012 at 3:44 AM, Henning Brauer wrote: > > > diffs are for current of course but should work for 5.1 as well - > dunno what you are trying. > Ok thanks :-) I am running 5.0 --Siju
Re: How to have more than 15 pflog interfaces?
On Wed, Apr 11, 2012 at 3:14 PM, Henning Brauer
wrote:
> * patrick keshishian [2012-04-11 14:55]:
>> On Wed, Apr 11, 2012 at 12:20:30PM +0200, Henning Brauer wrote:
>> don't you need two different index vars for this next
>> section?
>
> no, why?
I put the caveat that I am not familiar with the code (and its use).
So apologies if I'm making grave assumptions on the use case (more
below).
>> > + for (i = 0; i < n; i++)
>> > + if (i < npflogifs)
>> > + p[i] = pflogifs[i];
>> > + else
>> > + p[i] = NULL;
>
> i think that is pretty clear: each slot in the newly allocated p gets
> the same value as it had in the old pflogifs, once we're at the end of
> pflogifs we set the remaining slots to NULL. unused slots were NULL
> before so just inheriting the NULL is safe.
Unless pflog_clone_destroy() takes out one in the middle of the list.
I probably assumed too much.
>> something like the following with caveats that a) it is
>> 5am-ish for me and b) i did not try compiling it:
>>
>> for (i = 0, j = 0; i < n; i++, j++) {
>> for (; j < npflogifs && NULL == pflogifs[j]; j++)
>> ;
>> if (j == npflogifs)
>> break;
>> p[i] = pflogifs[j];
>> }
>> for (; i < n; i++)
>> p[i] = NULL;
>
> i gave up following this after a bit.
The loop is like yours, but looks out for an NULL-ed out pflogifs
entry (from pflog_clone_destroy()?). If one is detected, adjust index
into pflogifs accordingly.
Now, if it is the case that pflog_clone_destroy() won't ever take out
an entry in the middle of pflogifs, then ignore my comments.
>> > +
>> > + if(pflogifs)
>> ^^ nit
>
> fixed
>
>> > s = splnet();
>> > pflogifs[pflogif->sc_unit] = NULL;
>> > LIST_REMOVE(pflogif, sc_list);
>> > +
>> > + for (i = npflogifs; i > 0 && pflogifs[i - 1] != NULL; i--)
>> > + ; /* nothing */
>> > + if (i < npflogifs)
>> > + pflogifs_resize(i); /* error harmless here */
>>
>> So, if the last pflogifs entry is NULL don't resize
>> down? Not really questioning the logic, but want to
>> make sure I understand that's what is meant, cause
>> there is an easier check for that than the for()-loop.
>> Caveats: a) 5am-ish, b) not familiar with code.
>
> walk the array backwards until we find the first non-empty slot, then
> shrink it to that.
OK. So the _destroy() code will always take out entries from the end
of the pflogifs array.
Sorry for the noise.
--patrick
> --
> Henning Brauer, h...@bsws.de, henn...@openbsd.org
> BS Web Services, http://bsws.de, Full-Service ISP
> Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully
Managed
> Henning Brauer Consulting, http://henningbrauer.com/
Re: How to have more than 15 pflog interfaces?
* patrick keshishian [2012-04-11 14:55]:
> On Wed, Apr 11, 2012 at 12:20:30PM +0200, Henning Brauer wrote:
> don't you need two different index vars for this next
> section?
no, why?
> > + for (i = 0; i < n; i++)
> > + if (i < npflogifs)
> > + p[i] = pflogifs[i];
> > + else
> > + p[i] = NULL;
i think that is pretty clear: each slot in the newly allocated p gets
the same value as it had in the old pflogifs, once we're at the end of
pflogifs we set the remaining slots to NULL. unused slots were NULL
before so just inheriting the NULL is safe.
> something like the following with caveats that a) it is
> 5am-ish for me and b) i did not try compiling it:
>
> for (i = 0, j = 0; i < n; i++, j++) {
> for (; j < npflogifs && NULL == pflogifs[j]; j++)
> ;
> if (j == npflogifs)
> break;
> p[i] = pflogifs[j];
> }
> for (; i < n; i++)
> p[i] = NULL;
i gave up following this after a bit.
> > +
> > + if(pflogifs)
> ^^ nit
fixed
> > s = splnet();
> > pflogifs[pflogif->sc_unit] = NULL;
> > LIST_REMOVE(pflogif, sc_list);
> > +
> > + for (i = npflogifs; i > 0 && pflogifs[i - 1] != NULL; i--)
> > + ; /* nothing */
> > + if (i < npflogifs)
> > + pflogifs_resize(i); /* error harmless here */
>
> So, if the last pflogifs entry is NULL don't resize
> down? Not really questioning the logic, but want to
> make sure I understand that's what is meant, cause
> there is an easier check for that than the for()-loop.
> Caveats: a) 5am-ish, b) not familiar with code.
walk the array backwards until we find the first non-empty slot, then
shrink it to that.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed
Henning Brauer Consulting, http://henningbrauer.com/
Re: How to have more than 15 pflog interfaces?
* Siju George [2012-04-11 14:25]: > On Wed, Apr 11, 2012 at 3:50 PM, Henning Brauer wrote: > > > > please try this & report back > > > > Thanks Henning but I need some help :-( > > I got the following errors and I have attached the .rej files diffs are for current of course but should work for 5.1 as well - dunno what you are trying. -- Henning Brauer, h...@bsws.de, henn...@openbsd.org BS Web Services, http://bsws.de, Full-Service ISP Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed Henning Brauer Consulting, http://henningbrauer.com/
Re: How to have more than 15 pflog interfaces?
On Wed, Apr 11, 2012 at 12:20:30PM +0200, Henning Brauer wrote:
> * Henning Brauer [2012-04-11 11:26]:
> > * Siju George [2012-04-10 08:16]:
> > > On Tue, Apr 10, 2012 at 11:40 AM, Andres Perera wrote:
> > > > altering the max might have consequences i don't know about:
> > > I will stick with 15 :-)
> >
> > actually, bumping it should be absolutely safe.
> >
> > pretty dumb limit actually, we should just dynamically allocate the
> > pflogifs array.
>
> please try this & report back
>
> Index: if_pflog.c
> ===
> RCS file: /cvs/src/sys/net/if_pflog.c,v
> retrieving revision 1.49
> diff -u -p -r1.49 if_pflog.c
> --- if_pflog.c3 Feb 2012 01:57:50 - 1.49
> +++ if_pflog.c11 Apr 2012 10:19:56 -
> @@ -80,6 +80,7 @@
> #endif
>
> void pflogattach(int);
> +int pflogifs_resize(size_t);
> int pflogoutput(struct ifnet *, struct mbuf *, struct sockaddr *,
> struct rtentry *);
> int pflogioctl(struct ifnet *, u_long, caddr_t);
> @@ -91,16 +92,14 @@ LIST_HEAD(, pflog_softc) pflogif_list;
> struct if_clone pflog_cloner =
> IF_CLONE_INITIALIZER("pflog", pflog_clone_create, pflog_clone_destroy);
>
> -struct ifnet *pflogifs[PFLOGIFS_MAX];/* for fast access */
> -struct mbuf *pflog_mhdr = NULL, *pflog_mptr = NULL;
> +intnpflogifs = 0;
> +struct ifnet **pflogifs = NULL; /* for fast access */
> +struct mbuf *pflog_mhdr = NULL, *pflog_mptr = NULL;
>
> void
> pflogattach(int npflog)
> {
> - int i;
> LIST_INIT(&pflogif_list);
> - for (i = 0; i < PFLOGIFS_MAX; i++)
> - pflogifs[i] = NULL;
> if (pflog_mhdr == NULL)
> if ((pflog_mhdr = m_get(M_DONTWAIT, MT_HEADER)) == NULL)
> panic("pflogattach: no mbuf");
> @@ -111,14 +110,41 @@ pflogattach(int npflog)
> }
>
> int
> +pflogifs_resize(size_t n)
> +{
> + struct ifnet**p;
> + int i;
> +
> + if (n > SIZE_MAX / sizeof(struct ifnet))
> + return (EINVAL);
> + if (n == 0)
> + p = NULL;
> + else
> + if ((p = malloc(n * sizeof(struct ifnet), M_DEVBUF,
> + M_NOWAIT|M_ZERO)) == NULL)
> + return (ENOMEM);
don't you need two different index vars for this next
section?
> + for (i = 0; i < n; i++)
> + if (i < npflogifs)
> + p[i] = pflogifs[i];
> + else
> + p[i] = NULL;
something like the following with caveats that a) it is
5am-ish for me and b) i did not try compiling it:
for (i = 0, j = 0; i < n; i++, j++) {
for (; j < npflogifs && NULL == pflogifs[j]; j++)
;
if (j == npflogifs)
break;
p[i] = pflogifs[j];
}
for (; i < n; i++)
p[i] = NULL;
> +
> + if(pflogifs)
^^ nit
> + free(pflogifs, M_DEVBUF);
> + pflogifs = p;
> + npflogifs = n;
> + return (0);
> +}
> +
> +int
> pflog_clone_create(struct if_clone *ifc, int unit)
> {
> struct ifnet *ifp;
> struct pflog_softc *pflogif;
> int s;
>
> - if (unit >= PFLOGIFS_MAX)
> - return (EINVAL);
> + if (unit + 1 > npflogifs && pflogifs_resize(unit + 1) != 0)
> + return (ENOMEM);
>
> if ((pflogif = malloc(sizeof(*pflogif),
> M_DEVBUF, M_NOWAIT|M_ZERO)) == NULL)
> @@ -154,11 +180,16 @@ int
> pflog_clone_destroy(struct ifnet *ifp)
> {
> struct pflog_softc *pflogif = ifp->if_softc;
> - int s;
> + int s, i;
>
> s = splnet();
> pflogifs[pflogif->sc_unit] = NULL;
> LIST_REMOVE(pflogif, sc_list);
> +
> + for (i = npflogifs; i > 0 && pflogifs[i - 1] != NULL; i--)
> + ; /* nothing */
> + if (i < npflogifs)
> + pflogifs_resize(i); /* error harmless here */
So, if the last pflogifs entry is NULL don't resize
down? Not really questioning the logic, but want to
make sure I understand that's what is meant, cause
there is an easier check for that than the for()-loop.
Caveats: a) 5am-ish, b) not familiar with code.
--patrick
> splx(s);
>
> if_detach(ifp);
> @@ -225,7 +256,8 @@ pflog_packet(struct pf_pdesc *pd, u_int8
> if (rm == NULL || pd == NULL || pd->kif == NULL || pd->m == NULL)
> return (-1);
>
> - if ((ifn = pflogifs[rm->logif]) == NULL || !ifn->if_bpf)
> + if (rm->logif >= npflogifs || (ifn = pflogifs[rm->logif]) == NULL ||
> + !ifn->if_bpf)
> return (0);
>
> bzero(&hdr, sizeof(hdr));
> Index: pf_ioctl.c
> ===
> RCS file: /cvs/src/sys/net/pf_ioctl.c,v
> retrieving revision 1.250
> diff -u -p -r1.250 pf_ioctl.c
> --- pf_ioctl.c3 Apr 2012 15:
Re: How to have more than 15 pflog interfaces?
On Wed, Apr 11, 2012 at 3:50 PM, Henning Brauer wrote: > > please try this & report back > Thanks Henning but I need some help :-( I got the following errors and I have attached the .rej files = # patch -p0 < patch.if_pflog Hmm... Looks like a unified diff to me... The text leading up to this was: -- |Index: if_pflog.c |=== |RCS file: /cvs/src/sys/net/if_pflog.c,v |retrieving revision 1.49 |diff -u -p -r1.49 if_pflog.c |--- if_pflog.c 3 Feb 2012 01:57:50 - 1.49 |+++ if_pflog.c 11 Apr 2012 10:19:56 - -- File to patch: sys/net/if_pflog.c Patching file sys/net/if_pflog.c using Plan A... Hunk #1 failed at 80. Hunk #2 failed at 92. Hunk #3 failed at 110. Hunk #4 failed at 180. Hunk #5 failed at 256. 5 out of 5 hunks failed--saving rejects to sys/net/if_pflog.c.rej Hmm... The next patch looks like a unified diff to me... The text leading up to this was: -- |Index: pf_ioctl.c |=== |RCS file: /cvs/src/sys/net/pf_ioctl.c,v |retrieving revision 1.250 |diff -u -p -r1.250 pf_ioctl.c |--- pf_ioctl.c 3 Apr 2012 15:09:03 - 1.250 |+++ pf_ioctl.c 11 Apr 2012 10:19:57 - -- File to patch: sys/net/pf_ioctl.c Patching file sys/net/pf_ioctl.c using Plan A... Hunk #1 failed at 2595. 1 out of 1 hunks failed--saving rejects to sys/net/pf_ioctl.c.rej done === Thanks Siju [demime 1.01d removed an attachment of type application/octet-stream which had a name of if_pflog.c.rej] [demime 1.01d removed an attachment of type application/octet-stream which had a name of pf_ioctl.c.rej]
Re: How to have more than 15 pflog interfaces?
* Henning Brauer [2012-04-11 11:26]:
> * Siju George [2012-04-10 08:16]:
> > On Tue, Apr 10, 2012 at 11:40 AM, Andres Perera wrote:
> > > altering the max might have consequences i don't know about:
> > I will stick with 15 :-)
>
> actually, bumping it should be absolutely safe.
>
> pretty dumb limit actually, we should just dynamically allocate the
> pflogifs array.
please try this & report back
Index: if_pflog.c
===
RCS file: /cvs/src/sys/net/if_pflog.c,v
retrieving revision 1.49
diff -u -p -r1.49 if_pflog.c
--- if_pflog.c 3 Feb 2012 01:57:50 - 1.49
+++ if_pflog.c 11 Apr 2012 10:19:56 -
@@ -80,6 +80,7 @@
#endif
void pflogattach(int);
+intpflogifs_resize(size_t);
intpflogoutput(struct ifnet *, struct mbuf *, struct sockaddr *,
struct rtentry *);
intpflogioctl(struct ifnet *, u_long, caddr_t);
@@ -91,16 +92,14 @@ LIST_HEAD(, pflog_softc)pflogif_list;
struct if_clonepflog_cloner =
IF_CLONE_INITIALIZER("pflog", pflog_clone_create, pflog_clone_destroy);
-struct ifnet *pflogifs[PFLOGIFS_MAX];/* for fast access */
-struct mbuf*pflog_mhdr = NULL, *pflog_mptr = NULL;
+int npflogifs = 0;
+struct ifnet **pflogifs = NULL; /* for fast access */
+struct mbuf *pflog_mhdr = NULL, *pflog_mptr = NULL;
void
pflogattach(int npflog)
{
- int i;
LIST_INIT(&pflogif_list);
- for (i = 0; i < PFLOGIFS_MAX; i++)
- pflogifs[i] = NULL;
if (pflog_mhdr == NULL)
if ((pflog_mhdr = m_get(M_DONTWAIT, MT_HEADER)) == NULL)
panic("pflogattach: no mbuf");
@@ -111,14 +110,41 @@ pflogattach(int npflog)
}
int
+pflogifs_resize(size_t n)
+{
+ struct ifnet**p;
+ int i;
+
+ if (n > SIZE_MAX / sizeof(struct ifnet))
+ return (EINVAL);
+ if (n == 0)
+ p = NULL;
+ else
+ if ((p = malloc(n * sizeof(struct ifnet), M_DEVBUF,
+ M_NOWAIT|M_ZERO)) == NULL)
+ return (ENOMEM);
+ for (i = 0; i < n; i++)
+ if (i < npflogifs)
+ p[i] = pflogifs[i];
+ else
+ p[i] = NULL;
+
+ if(pflogifs)
+ free(pflogifs, M_DEVBUF);
+ pflogifs = p;
+ npflogifs = n;
+ return (0);
+}
+
+int
pflog_clone_create(struct if_clone *ifc, int unit)
{
struct ifnet *ifp;
struct pflog_softc *pflogif;
int s;
- if (unit >= PFLOGIFS_MAX)
- return (EINVAL);
+ if (unit + 1 > npflogifs && pflogifs_resize(unit + 1) != 0)
+ return (ENOMEM);
if ((pflogif = malloc(sizeof(*pflogif),
M_DEVBUF, M_NOWAIT|M_ZERO)) == NULL)
@@ -154,11 +180,16 @@ int
pflog_clone_destroy(struct ifnet *ifp)
{
struct pflog_softc *pflogif = ifp->if_softc;
- int s;
+ int s, i;
s = splnet();
pflogifs[pflogif->sc_unit] = NULL;
LIST_REMOVE(pflogif, sc_list);
+
+ for (i = npflogifs; i > 0 && pflogifs[i - 1] != NULL; i--)
+ ; /* nothing */
+ if (i < npflogifs)
+ pflogifs_resize(i); /* error harmless here */
splx(s);
if_detach(ifp);
@@ -225,7 +256,8 @@ pflog_packet(struct pf_pdesc *pd, u_int8
if (rm == NULL || pd == NULL || pd->kif == NULL || pd->m == NULL)
return (-1);
- if ((ifn = pflogifs[rm->logif]) == NULL || !ifn->if_bpf)
+ if (rm->logif >= npflogifs || (ifn = pflogifs[rm->logif]) == NULL ||
+ !ifn->if_bpf)
return (0);
bzero(&hdr, sizeof(hdr));
Index: pf_ioctl.c
===
RCS file: /cvs/src/sys/net/pf_ioctl.c,v
retrieving revision 1.250
diff -u -p -r1.250 pf_ioctl.c
--- pf_ioctl.c 3 Apr 2012 15:09:03 - 1.250
+++ pf_ioctl.c 11 Apr 2012 10:19:57 -
@@ -2595,8 +2595,6 @@ pf_rule_copyin(struct pf_rule *from, str
#if NPFLOG > 0
if (!to->log)
to->logif = 0;
- if (to->logif >= PFLOGIFS_MAX)
- return (EINVAL);
#endif
to->quick = from->quick;
to->ifnot = from->ifnot;
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed
Henning Brauer Consulting, http://henningbrauer.com/
Re: How to have more than 15 pflog interfaces?
On Wed, Apr 11, 2012 at 2:55 PM, Henning Brauer wrote: > > actually, bumping it should be absolutely safe. > > pretty dumb limit actually, we should just dynamically allocate the > pflogifs array. > Thanks :-) Siju
Re: How to have more than 15 pflog interfaces?
* Siju George [2012-04-10 08:16]: > On Tue, Apr 10, 2012 at 11:40 AM, Andres Perera wrote: > > altering the max might have consequences i don't know about: > I will stick with 15 :-) actually, bumping it should be absolutely safe. pretty dumb limit actually, we should just dynamically allocate the pflogifs array. -- Henning Brauer, h...@bsws.de, henn...@openbsd.org BS Web Services, http://bsws.de, Full-Service ISP Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed Henning Brauer Consulting, http://henningbrauer.com/
Re: How to have more than 15 pflog interfaces?
On Tue, Apr 10, 2012 at 11:40 AM, Andres Perera wrote:
> altering the max might have consequences i don't know about:
>
I will stick with 15 :-)
> grep -nC5 PFLOGIFS_MAX /sys/net/if_pflog.h
> 27-#ifndef _NET_IF_PFLOG_H_
> 28-#define _NET_IF_PFLOG_H_
> 29-
> 30-#include
> 31-
> 32:#define PFLOGIFS_MAX16
> 33-
> 34-struct pflog_softc {
> 35- struct ifnetsc_if; /* the interface */
> 36- int sc_unit;
> 37- LIST_ENTRY(pflog_softc) sc_list;
>
> what i do know is that the actual bug is netstart unhelpfully
> redirecting errors to dev null on ifconfig create
>
> if it didn't, you would have seen "ifconfig: SIOCIFCREATE: Invalid
argument"
>
Thanks a million for the info :-)
Siju
Re: How to have more than 15 pflog interfaces?
altering the max might have consequences i don't know about:
grep -nC5 PFLOGIFS_MAX /sys/net/if_pflog.h
27-#ifndef _NET_IF_PFLOG_H_
28-#define _NET_IF_PFLOG_H_
29-
30-#include
31-
32:#define PFLOGIFS_MAX16
33-
34-struct pflog_softc {
35- struct ifnetsc_if; /* the interface */
36- int sc_unit;
37- LIST_ENTRY(pflog_softc) sc_list;
what i do know is that the actual bug is netstart unhelpfully
redirecting errors to dev null on ifconfig create
if it didn't, you would have seen "ifconfig: SIOCIFCREATE: Invalid argument"
On Tue, Apr 10, 2012 at 12:46 AM, Siju George wrote:
> Hi,
>
> I have /etc/hostname.pflog files from 1-25.
> but only till 15 is available through ifconfig
>
>
> pflog15: flags=41 mtu 33152
> B B B B priority: 0
>
> how do I get till pflog25?
>
> Thanks
>
> Siju
How to have more than 15 pflog interfaces?
Hi, I have /etc/hostname.pflog files from 1-25. but only till 15 is available through ifconfig pflog15: flags=41 mtu 33152 priority: 0 how do I get till pflog25? Thanks Siju
