Date: Sat, 23 Mar 2024 22:23:54 +0000 From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 277875] pfctl cowardly refuses to load rules, broken between 8c94ed992702 & f29af8618bf9 Message-ID: <bug-277875-7501-Mmq2ZWECtu@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-277875-7501@https.bugs.freebsd.org/bugzilla/> References: <bug-277875-7501@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D277875 Dave Cottlehuber <dch@freebsd.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #249387|0 |1 is obsolete| | Attachment #249388|0 |1 is obsolete| | --- Comment #4 from Dave Cottlehuber <dch@freebsd.org> --- Created attachment 249438 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=3D249438&action= =3Dedit truss log Thanks, rebuilt with that patch included. I reduced the failing ruleset to this minimal example: ``` # pfctl -s Running Enabled # pfctl -F all Ethernet rules cleared rules cleared nat cleared 0 tables deleted. 0 states cleared source tracking entries cleared pf: statistics cleared pf: interface flags reset root@# echo 'pass in quick on ng0 proto tcp to port 2200' | pfctl -vgf - No ALTQ support in kernel ALTQ related functions disabled pass in quick on ng0 proto tcp from any to any port =3D 2200 flags S/SA keep state # echo $status 1 # pfctl -s rules # ``` Evidently its not a ruleset parsing issue. I swapped ng0 for lo0 and the same situation occurs. running under truss, final lines from attached full log: ioctl(3,DIOCSETTIMEOUT,0x621da911a368) =3D 0 (0x0) ioctl(3,DIOCSETTIMEOUT,0x621da911a368) =3D 0 (0x0) ioctl(3,DIOCSETDEBUG,0x621da911a368) =3D 0 (0x0) sendto(5," \0\0\0\^P\0\^E\0\^A\0\0\0\0\0\0"...,32,0,NULL,0) =3D 32 (0x20) recvmsg(5,{0x621da911a26c,12,[{"\M-x\0\0\0\^P\0\^E\0\^A\0\0\0\0"...,65536}]= ,1,{},0,0},0) =3D 284 (0x11c) sendto(5,"\^\\0\0\0\^Q\0\^E\0\^B\0\0\0\0\0"...,28,0,NULL,0) =3D 28 (0x1c) recvmsg(5,{0x621da911a26c,12,[{"0\0\0\0\^B\0\0\0\^B\0\0\0\0\0\0"...,65536}]= ,1,{},0,0},0) =3D 48 (0x30) ioctl(3,DIOCSETHOSTID,0x621da911a368) =3D 0 (0x0) ioctl(3,DIOCSETREASS,0x621da911a368) =3D 0 (0x0) ioctl(3,DIOCKEEPCOUNTERS,0x621da911a310) =3D 0 (0x0) ioctl(3,DIOCGETLIMIT,0x621da911a300) =3D 0 (0x0) ioctl(3,DIOCSETSYNCOOKIES,0x621da911a300) =3D 0 (0x0) ioctl(3,DIOCXROLLBACK,0x621da911a398) =3D 0 (0x0) extl_if =3D "ng0" pass in quick on ng0 proto tcp from any to any port =3D 2200 flags S/SA keep state write(1,"extl_if =3D "ng0"\npass in quick o"...,97) =3D 97 (0x61) exit(0x1)=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20= =20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20 process exit, rval =3D 1 trying the same ruleset on a different arm64 box with same from-source build, it works as expected - rules loaded, and output displayed. I'll do a full re-install into an empty BE next. --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-277875-7501-Mmq2ZWECtu>