Re: ipfw: ipfw: Adding record failed: Inappropriate ioctl for device

In reply to: David Wolfskill : "Re: ipfw: ipfw: Adding record failed: Inappropriate ioctl for device"
Go to: [ bottom of page ] [ top of archives ] [ this month ]
From: David Wolfskill <david_at_catwhisker.org>
Date: Sun, 12 Oct 2025 16:46:39 UTC
TL;DR: Both failing & successful invocations of /sbin/ipfw get
an "errno 25 Inappropriate ioctl for device" from attempting

	CALL  ioctl(0,TIOCGETA,$aadress)

But in the successful case, ipfw keeps on going, while in the failing
case, it's fatal after adding the first table entry.

Details:

OK; I tried that same test:

cat /tmp/t1 | /sbin/ipfw /dev/stdin

(where /tmp/t1 is a list of 10 "table 1 add ..." lines)

on a system running stable/14-n272653-051c12a5d90a; as expected, it
worked.

So then I tried each under ktrace.  In the failing case
(main-n281070-1129bf441e99), we see:

...
  2856 ipfw     CALL  mmap(0,0x600000,0x3<PROT_READ|PROT_WRITE>,0x15001002<MAP_PRIVATE|MAP_ANON|MAP_ALIGNED(21)>,0xffffffff,0)
  2856 ipfw     RET   mmap 51717863374848/0x2f0980e00000
  2856 ipfw     CALL  cpuset_getaffinity(0x3,0x9,0xffffffffffffffff,0x80,0x24050e2c5540)
  2856 ipfw     STRU  cpuset_t [ 0, 1, 2, 3, 4, 5, 6, 7 ]
  2856 ipfw     RET   cpuset_getaffinity 0
  2856 ipfw     CALL  mprotect(0x23fcede45000,0x2000,0x1<PROT_READ>)
  2856 ipfw     RET   mprotect 0
  2856 ipfw     CALL  access(0x24050e2c699c,0x4<R_OK>)
  2856 ipfw     NAMI  "/dev/fd/0"
  2856 ipfw     RET   access 0
  2856 ipfw     CALL  open(0x24050e2c699c,0<O_RDONLY>)
  2856 ipfw     NAMI  "/dev/fd/0"
  2856 ipfw     RET   open 3
  2856 ipfw     CALL  fstat(0x3,0x24050e2c5370)
  2856 ipfw     STRU  struct stat {dev=18446744071679573768, ino=13, mode=0100644, nlink=1, uid=0, gid=0, rdev=18446744073709551615, atime=1760285783.535137000, mtime=1760274765.723262000, ctime=1760274765.723262000, birthtime=1760274747.106237000, size=233, blksize=4096, blocks=8, flags=0x0 }
  2856 ipfw     RET   fstat 0
  2856 ipfw     CALL  read(0x3,0x2f0980c08000,0x1000)
  2856 ipfw     GIO   fd 3 read 233 bytes
       "table 1 add 1.0.1.0/24
        table 1 add 1.0.2.0/23
        table 1 add 1.0.8.0/21
        table 1 add 1.0.32.0/19
        table 1 add 1.1.0.0/24
        table 1 add 1.1.2.0/23
        table 1 add 1.1.4.0/22
        table 1 add 1.1.9.0/24
        table 1 add 1.1.10.0/23
        table 1 add 1.1.12.0/22
       "
  2856 ipfw     RET   read 233/0xe9
  2856 ipfw     CALL  ioctl(0,TIOCGETA,0x24050e2c5474)
  2856 ipfw     RET   ioctl -1 errno 25 Inappropriate ioctl for device
  2856 ipfw     CALL  socket(PF_INET,0x3<SOCK_RAW>,IPPROTO_RAW)
  2856 ipfw     RET   socket 4
  2856 ipfw     CALL  getsockopt(0x4,IPPROTO_IP,IP_FW3,0x24050e2c4fa0,0x24050e2c4f20)
  2856 ipfw     RET   getsockopt 0
  2856 ipfw     CALL  getsockopt(0x4,IPPROTO_IP,IP_FW3,0x24050e2c5350,0x24050e2c50d0)
  2856 ipfw     RET   getsockopt 0
  2856 ipfw     CALL  fstat(0x1,0x24050e2c42e0)
  2856 ipfw     STRU  struct stat {dev=1895890688, ino=546, mode=020620, nlink=1, uid=0, gid=4, rdev=546, atime=1760285792, mtime=1760285792, ctime=1760285792, birthtime=-1, size=0, blksize=4096, blocks=0, flags=0x0 }
  2856 ipfw     RET   fstat 0
  2856 ipfw     CALL  ioctl(0x1,TIOCGETA,0x24050e2c4294)
  2856 ipfw     RET   ioctl 0
  2856 ipfw     CALL  write(0x1,0x2f0980c09000,0x14)
  2856 ipfw     GIO   fd 1 wrote 20 bytes
       "added: 1.0.1.0/24 0
       "
  2856 ipfw     RET   write 20/0x14
  2856 ipfw     CALL  issetugid
  2856 ipfw     RET   issetugid 0
  2856 ipfw     CALL  fstatat(AT_FDCWD,0x24050e2c4b80,0x24050e2c4f80,0)
  2856 ipfw     NAMI  "/usr/share/nls/C/libc.cat"
  2856 ipfw     RET   fstatat -1 errno 2 No such file or directory
  2856 ipfw     CALL  fstatat(AT_FDCWD,0x24050e2c4b80,0x24050e2c4f80,0)
  2856 ipfw     NAMI  "/usr/share/nls/libc/C"
  2856 ipfw     RET   fstatat -1 errno 2 No such file or directory
  2856 ipfw     CALL  fstatat(AT_FDCWD,0x24050e2c4b80,0x24050e2c4f80,0)
  2856 ipfw     NAMI  "/usr/local/share/nls/C/libc.cat"
  2856 ipfw     RET   fstatat -1 errno 2 No such file or directory
  2856 ipfw     CALL  fstatat(AT_FDCWD,0x24050e2c4b80,0x24050e2c4f80,0)
  2856 ipfw     NAMI  "/usr/local/share/nls/libc/C"
  2856 ipfw     RET   fstatat -1 errno 2 No such file or directory
  2856 ipfw     CALL  write(0x2,0x24050e2c4910,0x8)
  2856 ipfw     GIO   fd 2 wrote 8 bytes
       "Line 1: "
  2856 ipfw     RET   write 8
  2856 ipfw     CALL  write(0x2,0x24050e2c4a00,0x34)
  2856 ipfw     GIO   fd 2 wrote 52 bytes
       "Adding record failed: Inappropriate ioctl for device"
....

while in the successful case, we see:

...
  1673 ipfw     CALL  mmap(0,0x600000,0x3<PROT_READ|PROT_WRITE>,0x15001002<MAP_PRIVATE|MAP_ANON|MAP_ALIGNED(21)>,0xffffffff,0)
  1673 ipfw     RET   mmap 85264691101696/0x4d8c3ba00000
  1673 ipfw     CALL  mprotect(0x2dd45673a000,0x1000,0x1<PROT_READ>)
  1673 ipfw     RET   mprotect 0
  1673 ipfw     CALL  access(0x2ddc76ab4b73,0x4<R_OK>)
  1673 ipfw     NAMI  "/dev/stdin"
  1673 ipfw     RET   access 0
  1673 ipfw     CALL  open(0x2ddc76ab4b73,0<O_RDONLY>)
  1673 ipfw     NAMI  "/dev/stdin"
  1673 ipfw     RET   open 3
  1673 ipfw     CALL  fstat(0x3,0x2ddc76ab3580)
  1673 ipfw     STRU  struct stat {dev=82, ino=1057, mode=010000, nlink=0, uid=0, gid=0, rdev=0, atime=1760286745.775325068, mtime=1760286745.778324751, ctime=1760286745.775325068, birthtime=0, size=233, blksize=4096, blocks=1, flags=0x0 }
  1673 ipfw     RET   fstat 0
  1673 ipfw     CALL  read(0x3,0x4d8c3b809000,0x1000)
  1673 ipfw     GIO   fd 3 read 233 bytes
       "table 1 add 1.0.1.0/24
        table 1 add 1.0.2.0/23
        table 1 add 1.0.8.0/21
        table 1 add 1.0.32.0/19
        table 1 add 1.1.0.0/24
        table 1 add 1.1.2.0/23
        table 1 add 1.1.4.0/22
        table 1 add 1.1.9.0/24
        table 1 add 1.1.10.0/23
        table 1 add 1.1.12.0/22
       "
  1673 ipfw     RET   read 233/0xe9
  1673 ipfw     CALL  ioctl(0,TIOCGETA,0x2ddc76ab3684)
  1673 ipfw     RET   ioctl -1 errno 25 Inappropriate ioctl for device
  1673 ipfw     CALL  socket(PF_INET,0x3<SOCK_RAW>,IPPROTO_RAW)
  1673 ipfw     RET   socket 4
  1673 ipfw     CALL  getsockopt(0x4,IPPROTO_IP,IP_FW3,0x2ddc76ab31b0,0x2ddc76ab3130)
  1673 ipfw     RET   getsockopt 0
  1673 ipfw     CALL  getsockopt(0x4,IPPROTO_IP,IP_FW3,0x2ddc76ab3560,0x2ddc76ab32e0)
  1673 ipfw     RET   getsockopt 0
  1673 ipfw     CALL  fstat(0x1,0x2ddc76ab24f0)
  1673 ipfw     STRU  struct stat {dev=1895890688, ino=563, mode=020620, nlink=1, uid=0, gid=4, rdev=563, atime=1760286745, mtime=1760286745, ctime=1760286745, birthtime=-1, size=0, blksize=4096, blocks=0, flags=0x0 }
  1673 ipfw     RET   fstat 0
  1673 ipfw     CALL  ioctl(0x1,TIOCGETA,0x2ddc76ab24a4)
  1673 ipfw     RET   ioctl 0
  1673 ipfw     CALL  write(0x1,0x4d8c3b80a000,0x14)
  1673 ipfw     GIO   fd 1 wrote 20 bytes
       "added: 1.0.1.0/24 0
       "
  1673 ipfw     RET   write 20/0x14
  1673 ipfw     CALL  getsockopt(0x4,IPPROTO_IP,IP_FW3,0x2ddc76ab31b0,0x2ddc76ab3130)
  1673 ipfw     RET   getsockopt 0
  1673 ipfw     CALL  getsockopt(0x4,IPPROTO_IP,IP_FW3,0x2ddc76ab3560,0x2ddc76ab32e0)
  1673 ipfw     RET   getsockopt 0
  1673 ipfw     CALL  write(0x1,0x4d8c3b80a000,0x14)
  1673 ipfw     GIO   fd 1 wrote 20 bytes
       "added: 1.0.2.0/23 0
       "
....

Peace,
david
-- 
David H. Wolfskill                              david@catwhisker.org

See https://www.catwhisker.org/~david/publickey.gpg for my public key.