diff options
| author | mlaier <mlaier@FreeBSD.org> | 2004-10-08 12:07:20 +0000 |
|---|---|---|
| committer | mlaier <mlaier@FreeBSD.org> | 2004-10-08 12:07:20 +0000 |
| commit | 46859ca7fcb0d776977156eb0aa5abba3a550d22 (patch) | |
| tree | 70c306e758314568bd71a53e596494123c9c7ced /share | |
| parent | d21b76886c1aea87770916034d1d1248e2485174 (diff) | |
| download | FreeBSD-src-46859ca7fcb0d776977156eb0aa5abba3a550d22.zip FreeBSD-src-46859ca7fcb0d776977156eb0aa5abba3a550d22.tar.gz | |
Change pfil starvation prevention from fail-open to fail-close.
We return ENOBUF to indicate the problem, which is an errno that should be
handled well everywhere.
Requested & Submitted by: green
Silently okay'ed by: The rest of the firewall gang
MFC after: 3 days
Diffstat (limited to 'share')
| -rw-r--r-- | share/man/man9/pfil.9 | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/share/man/man9/pfil.9 b/share/man/man9/pfil.9 index 293e605..4416b30 100644 --- a/share/man/man9/pfil.9 +++ b/share/man/man9/pfil.9 @@ -203,8 +203,12 @@ When a .Vt pfil_head is being modified, no traffic is diverted (to avoid deadlock). -This means that unwanted traffic may flow for a short period +This means that traffic may be dropped unconditionally for a short period of time. +.Fn pfil_run_hooks +will return +.Dv ENOBUF +to indicate this. .Sh SEE ALSO .Xr bpf 4 , .Xr bridge 4 |
