Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 5 Nov 2014 07:15:21 +1100 (EST)
From:      Dave Horsfall <dave@horsfall.org>
To:        FreeBSD PF List <freebsd-pf@freebsd.org>
Subject:   Re: Getting tables to work in PF
Message-ID:  <alpine.BSF.2.00.1411050708440.1220@aneurin.horsfall.org>
In-Reply-To: <alpine.BSF.2.00.1411041131590.1220@aneurin.horsfall.org>
References:  <alpine.BSF.2.00.1411031433070.1220@aneurin.horsfall.org> <CAPBZQG2b7=iiGLsj-vtuiaWRUJ-Gk6n9JwCXxVjCMeVEqsuing@mail.gmail.com> <alpine.BSF.2.00.1411032002560.1220@aneurin.horsfall.org> <CAPBZQG2DKNGSGRNu8%2BMAdEtyH5vj85dpxRUY2kMwDOZ44f7PJA@mail.gmail.com> <alpine.BSF.2.00.1411032123560.1220@aneurin.horsfall.org> <BD387CA3-84BE-4BA1-8943-BD77539D8E08@lafn.org> <alpine.BSF.2.00.1411040921240.1220@aneurin.horsfall.org> <478A1469-F6EE-4D8D-B51F-B41C97626439@lafn.org> <alpine.BSF.2.00.1411041131590.1220@aneurin.horsfall.org>
next in thread | previous in thread | raw e-mail | index | archive | help 
On Tue, 4 Nov 2014, Dave Horsfall wrote:

> The rules?  Not a sausage.  It's behaving as though it's reading the 
> file (which it is), but not honouring the rules themselves (which it 
> isn't).

A bit more progress; I finally got around to tracing it, and the salient 
bit is:

(Many calls to set rules)

(Many calls to set timeouts)

 13925 pfctl    CALL  ioctl(0x3,DIOCSETDEBUG,0xbfbfdc84)
 13925 pfctl    RET   ioctl 0
 13925 pfctl    CALL  ioctl(0x3,DIOCSETSTATUSIF,0xbfbfdc5c)
 13925 pfctl    RET   ioctl -1 errno 22 Invalid argument

Aha...  So, what's so invalid about it?  I don't have kernel source (my 
installation was interrupted by a long stay in hospital), so I cannot 
investigate any further.

And my plea as before:

> So, if pf(4) actually known to work on:
> 
>     FreeBSD aneurin.horsfall.org 8.2-RELEASE-p3 FreeBSD 8.2-RELEASE-p3 #0: Tue Sep 27 18:07:27 UTC 2011     root@i386-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC  i386
> 
> and if so, does anyone have a working sample pf.conf from such a box?

Thanks.

-- 
Dave Horsfall (VK2KFU)  "Bliss is a MacBook with a FreeBSD server."
http://www.horsfall.org/spam.html (and check the home page whilst you're there)

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?alpine.BSF.2.00.1411050708440.1220>