From dbf1ea5d8ca275cefc2b617d2b4ba60cc7b1991c Mon Sep 17 00:00:00 2001 From: Sepherosa Ziehau Date: Mon, 5 Nov 2007 09:25:44 +0000 Subject: [PATCH] In free_chain() if we are asked to "kill default": - Set default rule pointer to NULL - Free dynamic rules(states) hash table. This avoids memory leakage when unloading ipfw(4) module, if dynamic rules(states) are created. --- sys/net/ipfw/ip_fw2.c | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) diff --git a/sys/net/ipfw/ip_fw2.c b/sys/net/ipfw/ip_fw2.c index 3eb78f7af6..40ba0c05b8 100644 --- a/sys/net/ipfw/ip_fw2.c +++ b/sys/net/ipfw/ip_fw2.c @@ -23,7 +23,7 @@ * SUCH DAMAGE. * * $FreeBSD: src/sys/netinet/ip_fw2.c,v 1.6.2.12 2003/04/08 10:42:32 maxim Exp $ - * $DragonFly: src/sys/net/ipfw/ip_fw2.c,v 1.34 2007/11/05 08:58:35 sephe Exp $ + * $DragonFly: src/sys/net/ipfw/ip_fw2.c,v 1.35 2007/11/05 09:25:44 sephe Exp $ */ #define DEB(x) @@ -2130,8 +2130,19 @@ free_chain(struct ip_fw **chain, int kill_default) (kill_default || rule->rulenum != IPFW_DEFAULT_RULE) ) delete_rule(chain, NULL, rule); + KASSERT(dyn_count == 0, ("%u dyn rule remains\n", dyn_count)); + if (kill_default) { - ip_fw_default_rule = NULL; + ip_fw_default_rule = NULL; /* Reset default rule */ + + if (ipfw_dyn_v != NULL) { + /* + * Free dynamic rules(state) hash table + */ + kfree(ipfw_dyn_v, M_IPFW); + ipfw_dyn_v = NULL; + } + KASSERT(static_count == 0, ("%u static rules remains\n", static_count)); KASSERT(static_ioc_len == 0, @@ -2143,7 +2154,6 @@ free_chain(struct ip_fw **chain, int kill_default) ("%u bytes of static rules remains, should be %u\n", static_ioc_len, IOC_RULESIZE(ip_fw_default_rule))); } - KASSERT(dyn_count == 0, ("%u dyn rule remains\n", dyn_count)); } /** -- 2.11.4.GIT