Date: Mon, 15 Dec 2025 14:22:18 +0000 From: bugzilla-noreply@freebsd.org To: testing@FreeBSD.org Subject: [Bug 291548] Multiple failing 'sys/netpfil/common' testcases in CI Message-ID: <bug-291548-32464-77fvOD2q4B@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-291548-32464@https.bugs.freebsd.org/bugzilla/> References: <bug-291548-32464@https.bugs.freebsd.org/bugzilla/>
index | next in thread | previous in thread | raw e-mail
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=291548 Siva Mahadevan <me@svmhdvn.name> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |me@svmhdvn.name --- Comment #3 from Siva Mahadevan <me@svmhdvn.name> --- Created attachment 266211 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=266211&action=edit kyua test report The patch doesn't immediately fix the test cases upon running it the first time. I'm only able to get a pass when I boot bhyve with net.inet.ipf.jail_allowed=1 in /etc/sysctl.conf, rather than inline with the testcases like in the patch. In the example testcase 'pass_block:ipf_v4', the failing line is here: v4_body() { [...] # Block All firewall_config "iron" ${firewall} \ "pf" \ "block in" \ "ipfw" \ "ipfw -q add 100 deny all from any to any" \ "ipf" \ "block in all" Digging deeper, this call within firewall_config fails: firewall_config() { [...] elif [ ${fw} == "ipf" ]; then jexec ${jname} ipf -E # THIS LINE FAILS with "User/kernel version check failed" jexec ${jname} ipf -Fa -f $cwd/ipf.rule Could you take a look? I'm able to repro with Bricoler, and I've attached a test report in this bug. -- You are receiving this mail because: You are on the CC list for the bug.help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-291548-32464-77fvOD2q4B>