Date: Fri, 25 Jan 2008 14:39:28 -0800 From: Jeremy Chadwick <koitsu@FreeBSD.org> To: Gavin Spomer <spomerg@cwu.EDU> Cc: freebsd-pf@freebsd.org Subject: Re: How does /dev/pf get created? Message-ID: <20080125223928.GA49313@eos.sc1.parodius.com> In-Reply-To: <4799EFC0020000900001307D@hermes.cwu.edu> References: <4799EFC0020000900001307D@hermes.cwu.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, Jan 25, 2008 at 02:18:40PM -0800, Gavin Spomer wrote:
> >>> Gary Palmer <gpalmer@freebsd.org> 01/25/08 1:47 PM >>>
> ENOENT ("No such file or directory") can also mean that a symbol that the
> module requires cannot be found in the kernel. This can be many things,
> including a missing prerequisite module or that the module was built with
> a different set of options to the currently running kernel.
> Check dmesg to see if there is a related error message from the kernel.
> Geez, I'm so embarrassed. This is the first time I've ever run
> dmesg. Lots of stuff in there; anything in particular I'm looking
> for?
>
> {snip}
>
> Limiting closed port RST response from 1077 to 200 packets/sec
Are you using this box for torrents or are you being DoS'd in any way?
This is an awful large sum of TCP RST packets to receive; if it's
normal, you can tune this with a sysctl, I believe.
You should also consider looking at the blackhole(4) manpage, as those
may help you as well. However, those aren't needed if you manage to get
pf up and working and set up a good firewall list. :-)
> bce0: promiscuous mode enabled
> bce0: promiscuous mode disabled
Probably caused by packet sniffer use (tcpdump, snoop, Wireshark, etc.).
> pid 34320 (conftest), uid 0: exited on signal 12 (core dumped)
conftest coredumps are "normal" -- they even happen on Linux. Some
software you installed did this. Usually it happens in software that
uses GNU autoconf to do some compiler tests. I'd really love to find
out why they happen and strangle whoever introduced it, though.
> link_elf: symbol altq_remove undefined
> link_elf: symbol altq_remove undefined
> link_elf: symbol altq_remove undefined
> link_elf: symbol altq_remove undefined
> link_elf: symbol altq_remove undefined
> link_elf: symbol altq_remove undefined
And, very likely, here is the cause of your pf problem. :-) Please go
back to what I said about your kernel configuration -- you're missing a
lot of "option" arguments for ALTQ support. Add all of the ones I gave
you, follow the instructions for buildkernel/installkernel, and it
should all begin working.
--
| Jeremy Chadwick jdc at parodius.com |
| Parodius Networking http://www.parodius.com/ |
| UNIX Systems Administrator Mountain View, CA, USA |
| Making life hard for others since 1977. PGP: 4BD6C0CB |
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20080125223928.GA49313>