Date: Wed, 12 Jun 2013 12:10:46 +0200 From: Stefan Esser <se@freebsd.org> To: freebsd-stable@freebsd.org Subject: Re: Flow monitoring with PF Message-ID: <51B84926.2050002@freebsd.org> In-Reply-To: <7DB382CFB050654DBFF7A39B1F8056EB1DF68293@WPEXCHMBSL1021.central.det.win> References: <57C2DC16-7868-4C20-AB34-5B35A939D095@gsoft.com.au> <7DB382CFB050654DBFF7A39B1F8056EB1DF68293@WPEXCHMBSL1021.central.det.win>
next in thread | previous in thread | raw e-mail | index | archive | help
Am 12.06.2013 02:17, schrieb Scott, Brian: >> I was looking at trying out flow monitoring and I found pfflowd, but unfortunately it does not work with FreeBSD >9.0. I thought about ng_netflow but that doesn't >see my tun interface which may be related to.. >> WARNING: attempt to domain_add(netgraph) after domainfinalize() > > Noise message. I've never seen it actually mean anything. This message indicates a possible problem (leading to panics under specific circumstances). I proposed a patch to fix the panic, but was reluctant to commit it, because I knew the patch was not complete (and I was working toward a better solution). It was then taken by somebody who ignored the problems with the patch and committed against my advise. That's when I stopped working on a real fix - the committer of my (incomplete) patch owns the problem now (and is not active anymore, AFAICT). The problem is that registering a network domain after the kernel has been running (e.g. when loading Netgraph as a kernel module), data structures in the kernel need to be adjusted. AFAICR, it works as long as only one new network domain is loaded (e.g. Netgraph), but may fail if another one is loaded thereafter (this used to be triggered by ISDN, which had its own network domain but is history, now). Sorry for having nothing to add on the subject of this thread ... Regards, STefan
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?51B84926.2050002>