From owner-freebsd-bugs@FreeBSD.ORG Thu Mar 11 06:00:34 2004 Return-Path: Delivered-To: freebsd-bugs@hub.freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E5B3216A4CF for ; Thu, 11 Mar 2004 06:00:34 -0800 (PST) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id C297943D41 for ; Thu, 11 Mar 2004 06:00:34 -0800 (PST) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) i2BE0Ybv023963 for ; Thu, 11 Mar 2004 06:00:34 -0800 (PST) (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.12.10/8.12.10/Submit) id i2BE0Yx0023962; Thu, 11 Mar 2004 06:00:34 -0800 (PST) (envelope-from gnats) Resent-Date: Thu, 11 Mar 2004 06:00:34 -0800 (PST) Resent-Message-Id: <200403111400.i2BE0Yx0023962@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-bugs@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Jimmy Olgeni Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6A6F016A4CE for ; Thu, 11 Mar 2004 05:51:53 -0800 (PST) Received: from server.localdomain.net (unknown [81.208.57.5]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6D20243D4C for ; Thu, 11 Mar 2004 05:51:51 -0800 (PST) (envelope-from olgeni@colby.it) Received: from server.localdomain.net (localhost [127.0.0.1]) i2BDpngN041652 for ; Thu, 11 Mar 2004 14:51:50 +0100 (CET) (envelope-from olgeni@server.localdomain.net) Received: (from olgeni@localhost) by server.localdomain.net (8.12.9p2/8.12.9/Submit) id i2BDpmiP041641; Thu, 11 Mar 2004 14:51:48 +0100 (CET) (envelope-from olgeni) Message-Id: <200403111351.i2BDpmiP041641@server.localdomain.net> Date: Thu, 11 Mar 2004 14:51:48 +0100 (CET) From: Jimmy Olgeni To: FreeBSD-gnats-submit@FreeBSD.org X-Send-Pr-Version: 3.113 Subject: bin/64106: rc.d: incorrect depencency between ipfilter and ipmon X-BeenThere: freebsd-bugs@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: Jimmy Olgeni List-Id: Bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 11 Mar 2004 14:00:35 -0000 >Number: 64106 >Category: bin >Synopsis: rc.d: incorrect depencency between ipfilter and ipmon >Confidential: no >Severity: serious >Priority: medium >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Thu Mar 11 06:00:34 PST 2004 >Closed-Date: >Last-Modified: >Originator: Jimmy Olgeni >Release: FreeBSD 5.2.1-RELEASE i386 >Organization: Colby >Environment: 5.2.1-RELEASE, -CURRENT. >Description: The ipmon script in rc.d checks if either ipfilter_enable or ipnat_enable are set, as it needs the ipl.ko module to work. Unfortunately, the rc.d/ipfilter script has ipmon listed in its REQUIRED line, so ipmon will never have a chance to start after ipfilter. If ipfilter is not compiled into the kernel, ipmon will always fail to start from rc.d at boot time. >How-To-Repeat: Set ipfilter_enable and ipmon_enable in rc.conf, then reboot and check for the following console messages: console: Setting hostname: whatever.it.is console: /etc/rc: ERROR: ipfilter module is not loaded kernel: IP Filter: v3.4.31 initialized. Default = pass all, Logging = enabled console: /etc/rc: WARNING: IP-filter: NO IPF RULES console: lo0: flags=8049 mtu 16384 >Fix: The rc.d/ipmon script should "REQUIRE" ipfilter, not the other way around. As ipnat also requires ipfilter, this should take care of any ipnat issues. >Release-Note: >Audit-Trail: >Unformatted: