From nobody Sun Oct 12 08:15:30 2025 X-Original-To: freebsd-current@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4cktbT6gdwz6BVbV for ; Sun, 12 Oct 2025 08:16:05 +0000 (UTC) (envelope-from freebsd@walstatt-de.de) Received: from smtp6.goneo.de (smtp6.goneo.de [85.220.129.31]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4cktbT2jcLz3NN4 for ; Sun, 12 Oct 2025 08:16:05 +0000 (UTC) (envelope-from freebsd@walstatt-de.de) Authentication-Results: mx1.freebsd.org; none Received: from hub1.goneo.de (hub1.goneo.de [IPv6:2001:1640:5::8:52]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by smtp6.goneo.de (Postfix) with ESMTPS id B9190240EE6; Sun, 12 Oct 2025 10:16:02 +0200 (CEST) Received: from hub1.goneo.de (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by hub1.goneo.de (Postfix) with ESMTPS id 80A8D240255; Sun, 12 Oct 2025 10:16:00 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=walstatt-de.de; s=DKIM001; t=1760256960; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=BrN3gWZS1XFWr7qROPGMXJHJcrqmqCcrCXLWCzXfQHY=; b=tAtvLx1yV8FXfVNTJgKY0bHsqDP+E9+oRV+YQ3LP5Vcsy9g555gRlpSciJ/ekqnZl1gYxY mjqICO3pqIqIixBHxcBKGTWiX1YhM9pDlyWP4WTs2dUzkQWjDTvEzf3P/pxMk9EbMCU0TU YDvxVVGwzovyiyBwd9hDbpdyKgLBBFYah26RwtEnsXVb83hGmfIzZ11STHdokHLtpyJXdn fVgC9PArabRtIayi1iEvypkvdBYa6JywSRTxwPg2YPYFcXsDmP7/mTjopPeFf4UoeIXn2A 1SqbME4+1Kj9xcLWCOG7oiZG//cyMajs9MXK2a/gzOAfETsm4Y9zAFdoG17jaw== Received: from thor.sb211.local (dynamic-2a02-3100-19ba-c502-934b-d8c4-4501-575f.310.pool.telefonica.de [IPv6:2a02:3100:19ba:c502:934b:d8c4:4501:575f]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (prime256v1) server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by hub1.goneo.de (Postfix) with ESMTPSA id 321842400FD; Sun, 12 Oct 2025 10:15:58 +0200 (CEST) Date: Sun, 12 Oct 2025 10:15:30 +0200 From: A FreeBSD User To: Ronald Klop Cc: FreeBSD CURRENT Subject: Re: ipfw: ipfw: Adding record failed: Inappropriate ioctl for device Message-ID: <20251012101440.74d9173a@thor.sb211.local> In-Reply-To: <1720635174.15495.1760209498568@localhost> References: <20251011155130.47db5448@thor.sb211.local> <1720635174.15495.1760209498568@localhost> X-Mailer: Claws Mail 3.21.0 (GTK+ 2.24.33; amd64-portbld-freebsd15.0) List-Id: Discussions about the use of FreeBSD-current List-Archive: https://lists.freebsd.org/archives/freebsd-current List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-current@FreeBSD.org MIME-Version: 1.0 Content-Type: multipart/signed; boundary="Sig_/TxO1I73rxUMkkvPm7X4zwAd"; protocol="application/pgp-signature"; micalg=pgp-sha512 X-Rspamd-UID: b6d66f X-Rspamd-UID: 6d2d5b X-Spamd-Bar: ---- X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:25394, ipnet:85.220.128.0/17, country:DE] X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Rspamd-Queue-Id: 4cktbT2jcLz3NN4 --Sig_/TxO1I73rxUMkkvPm7X4zwAd Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: quoted-printable Am Tage des Herren Sat, 11 Oct 2025 21:04:58 +0200 (CEST) Ronald Klop schrieb: > Hi, >=20 > Are you sure the /sbin/ipfw binary is also from 15-STABLE? >=20 > Regards, > Ronald Yes. The whole system is rebuilt regularily (make world kernel so to speak). I d= o not risc getting into phenomena based upon kernel/world out of phase anymore - at least I be= lieve/hope so. >=20 >=20 > Van: A FreeBSD User > Datum: 11 oktober 2025 15:52 > Aan: FreeBSD CURRENT > Onderwerp: ipfw: ipfw: Adding record failed: Inappropriate ioctl for devi= ce >=20 > >=20 > >=20 > >=20 > > Hello, > >=20 > > running a small home brewn firewall appliance based upon FreeBSD 14-ST= ABLE and IPFW, I > > switched the base to 15-STABLE (FreeBSD 15.0-STABLE #5 n280665-6eb4708a= 84d7: Sat Oct 11 > > 09:08:00 CEST 2025 amd64). > >=20 > > Now I face a serious issue with formerly flawless running skripts filli= ng ipfw tables and > > the readynes of the system after a reboot. > >=20 > > tables: > > creating some named tables. > > Having a list of IPv4 and IPv6 addresses that needed to be blocked, lik= e VoIP Blacklist > > with over 35k lines. Each line (IPv4) is=20 > >=20 > > X.X.X.X/CIDR > >=20 > > Shell is /bin/sh. > >=20 > > Reading the file and filling the table like shown below; > > tbl_block=3Dfoo > >=20 > > #/usr/bin/env sh > > ipfw table $tbl_block create type addr or-flush > > while read -r line > > do ipfw table $tbl_block atomic add $line > > done < /some/path/to/block_file.txt > >=20 > > The block_file.txt looks like > >=20 > > [...] > > 45.143.220.228/32 > > 68.64.211.117/32 > > 113.141.70.204/32 > > 77.247.110.245/32 > > 103.211.36.18/32 > > 156.96.63.238/32 > > 185.53.88.2/32 > > 185.53.88.14/32 > > 52.8.201.128/32 > > 113.141.70.184/32 > > 115.236.54.2/32 > > 50.17.48.216/32 > > 77.247.108.138/32 > > 77.247.110.216/32 > > 171.76.62.142/32 > > 77.247.110.227/32 > > 62.4.15.163/32 > > 158.69.242.200/32 > > 185.53.88.129/32 > > 102.165.39.82/32 > > 103.231.139.130/32 > > 69.142.172.14/32 > > 148.76.71.148/32 > > 82.70.244.121/32 > > 77.247.109.72/32 > > 52.41.52.34/32 > > [...] > >=20 > > While running the skript, each time an address is picked up and inserte= d to the table, I > > see this on the console: > >=20 > > [...] > > added(reverted): 45.143.220.228/32 0 > > ipfw: Adding record failed: Inappropriate ioctl for device > > added(reverted): 68.64.211.117/32 0 > > ipfw: Adding record failed: Inappropriate ioctl for device > > added(reverted): 113.141.70.204/32 0 > > ipfw: Adding record failed: Inappropriate ioctl for device > > added(reverted): 77.247.110.245/32 0 > > ipfw: Adding record failed: Inappropriate ioctl for device > >=20 > > I never saw this happen on 14-STABLE with the very same scripts. What i= s the cause of this > > ioctl issue? > >=20 > > Thanks and kind regards, > >=20 > > Oliver > >=20 > >=20 > >=20 > >=20 > >=20 > >=20 > > --=20 > >=20 > > A FreeBSD user > >=20 > >=20 > >=20 > >=20 > >=20 > >=20 > > =20 --=20 A FreeBSD user --Sig_/TxO1I73rxUMkkvPm7X4zwAd Content-Type: application/pgp-signature Content-Description: OpenPGP digital signature -----BEGIN PGP SIGNATURE----- iHUEARYKAB0WIQRQheDybVktG5eW/1Kxzvs8OqokrwUCaOtjvQAKCRCxzvs8Oqok r/sdAQCoXQfhtgNRtFFRDAjjLAY3vFsRHZ0ZTOn8u9VTwWidQwEAjaHDvfrQkOk7 VXTs1Wx2/Ctbe5q3Xx1Ikyj6DMcT4A8= =ejpQ -----END PGP SIGNATURE----- --Sig_/TxO1I73rxUMkkvPm7X4zwAd--