Index: sys/netpfil/ipfw/ip_dn_io.c
===================================================================
--- sys/netpfil/ipfw/ip_dn_io.c
+++ sys/netpfil/ipfw/ip_dn_io.c
@@ -405,7 +405,7 @@
 	if (fs->fs.flags & DN_QSIZE_BYTES)
 		p_b = div64((p_b * len) , fs->max_pkt_size);
 	if (++q->count == 0)
-		q->random = random() & 0xffff;
+		q->random = arc4random() & 0xffff;
 	else {
 		/*
 		 * q->count counts packets arrived since last drop, so a greater
@@ -414,7 +414,7 @@
 		if (SCALE_MUL(p_b, SCALE((int64_t)q->count)) > q->random) {
 			q->count = 0;
 			/* After a drop we calculate a new random value. */
-			q->random = random() & 0xffff;
+			q->random = arc4random() & 0xffff;
 			return (1);	/* drop */
 		}
 	}
@@ -511,7 +511,7 @@
 	ni->tot_pkts++;
 	if (drop)
 		goto drop;
-	if (f->plr && random() < f->plr)
+	if (f->plr && arc4random() < f->plr)
 		goto drop;
 #ifdef NEW_AQM
 	/* Call AQM enqueue function */
@@ -583,7 +583,7 @@
 
 	if (!pf || pf->samples_no == 0)
 		return 0;
-	index  = random() % pf->samples_no;
+	index  = arc4random() % pf->samples_no;
 	bits = div64((uint64_t)pf->samples[index] * s->link.bandwidth, 1000);
 	if (index >= pf->loss_level) {
 		struct dn_pkt_tag *dt = dn_tag_get(m);
Index: sys/netpfil/ipfw/ip_dn_private.h
===================================================================
--- sys/netpfil/ipfw/ip_dn_private.h
+++ sys/netpfil/ipfw/ip_dn_private.h
@@ -265,7 +265,7 @@
 	/* RED parameters */
 	int avg;		/* average queue length est. (scaled) */
 	int count;		/* arrivals since last RED drop */
-	int random;		/* random value (scaled) */
+	u_int random;		/* random value (scaled) */
 	uint64_t q_time;	/* start of queue idle time */
 #ifdef NEW_AQM
 	void *aqm_status;	/* per-queue status variables*/