aboutsummaryrefslogtreecommitdiff
path: root/sys/netpfil/pf
diff options
context:
space:
mode:
authorKristof Provost <kp@FreeBSD.org>2021-07-20 19:03:08 +0000
committerKristof Provost <kp@FreeBSD.org>2021-07-20 19:13:25 +0000
commit32271c4d383effeac7878201ef5cbdfaeedc3755 (patch)
treebefba1ff0f9d56f94739466a3e4a404482078cb0 /sys/netpfil/pf
parent84db87b8dafd9e9970fd36ac48c11ffdc89d31d0 (diff)
downloadsrc-32271c4d383effeac7878201ef5cbdfaeedc3755.tar.gz
src-32271c4d383effeac7878201ef5cbdfaeedc3755.zip
pf: clean up syncookie callout on vnet shutdown
Ensure that we cancel any outstanding callouts for syncookies when we terminate the vnet. MFC after: 1 week Sponsored by: Modirum MDPay
Diffstat (limited to 'sys/netpfil/pf')
-rw-r--r--sys/netpfil/pf/pf_ioctl.c1
-rw-r--r--sys/netpfil/pf/pf_syncookies.c6
2 files changed, 7 insertions, 0 deletions
diff --git a/sys/netpfil/pf/pf_ioctl.c b/sys/netpfil/pf/pf_ioctl.c
index a9f5b2c18041..27e1a145f3ec 100644
--- a/sys/netpfil/pf/pf_ioctl.c
+++ b/sys/netpfil/pf/pf_ioctl.c
@@ -5573,6 +5573,7 @@ pf_unload_vnet(void)
dehook_pf();
PF_RULES_WLOCK();
+ pf_syncookies_cleanup();
shutdown_pf();
PF_RULES_WUNLOCK();
diff --git a/sys/netpfil/pf/pf_syncookies.c b/sys/netpfil/pf/pf_syncookies.c
index 0313b817ad6d..8699ae855ec8 100644
--- a/sys/netpfil/pf/pf_syncookies.c
+++ b/sys/netpfil/pf/pf_syncookies.c
@@ -127,6 +127,12 @@ pf_syncookies_init(void)
PF_RULES_WUNLOCK();
}
+void
+pf_syncookies_cleanup(void)
+{
+ callout_stop(&V_pf_syncookie_status.keytimeout);
+}
+
int
pf_get_syncookies(struct pfioc_nv *nv)
{
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-11 10:46:50 +0000