[Bug 277875] pfctl cowardly refuses to load rules, broken between 8c94ed992702 & f29af8618bf9
Date: Mon, 01 Apr 2024 08:24:55 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=277875

--- Comment #5 from Kristof Provost <kp@freebsd.org> ---
That truss output is strange. We only DIOCXROLLBACK from pfctl_rules() (in sbin/pfctl), and then only after a 'goto _error'. That must mean we've failed to load one of the options in pfctl_load_options().

All but one of those are old-style ioctls and show no errors, so that would imply that it has to be pfctl_load_logif() (i.e. pfctl_set_statusif() in libpfctl) that fails. However, that can really only fail if the log interface name is too long, and that does not appear to be the case here.

That's a newly converted-to-netlink call, so at least that's somewhat plausible as a source of shiny new bugs. It's also all we have to go on right now.

Can you try running
`dtrace -n 'fbt::pf_handle_set_statusif:return { printf("%#x %#x", arg0, arg1); }'`
and then loading the relevant pf.conf?

--
You are receiving this mail because:
You are the assignee for the bug.