You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Race condition when unloading ALG module: npf_nat_freealg() vs lock-free readers.
Inspection as a loop in npf_alg_conn() is not particularly efficient. It could be optimized to be: 1) per-protocol 2) only limited to ALGs which perform inspection, rather than all.
npf_alg_exec() should only be performed if the NAT entry has an associated ALG; it is currently applicable only for the dynamic NAT anyway. If there will be ALGs operating with the static NAT, then npfa_funcs_t::snat could be added.
npf_nat_freealg()vs lock-free readers.npf_alg_conn()is not particularly efficient. It could be optimized to be: 1) per-protocol 2) only limited to ALGs which perform inspection, rather than all.npf_alg_exec()should only be performed if the NAT entry has an associated ALG; it is currently applicable only for the dynamic NAT anyway. If there will be ALGs operating with the static NAT, thennpfa_funcs_t::snatcould be added.