[Bug 277875] pfctl cowardly refuses to load rules, broken between 8c94ed992702 & f29af8618bf9

From: <bugzilla-noreply_at_freebsd.org>
Date: Mon, 01 Apr 2024 08:24:55 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=277875

--- Comment #5 from Kristof Provost <kp@freebsd.org> ---
That truss output is strange.

We only DIOCXROLLBACK from pfctl_rules() (in sbin/pfctl), and then only after a
'goto _error'.

That must mean we've failed to load one of the options in pfctl_load_options().
All but one of those are old-style ioctls and show no errors, so that would
imply that it has to be pfctl_load_logif() (i.e. pfctl_set_statusif() in
libpfctl) that fails.
However, that can really only fail if the log interface name is too long, and
that does not appear to be the case here.

That's a newly converted-to-netlink call, so at least that's somewhat plausible
as a source of shiny new bugs.

It's also all we have to go on right now. Can you try running `dtrace -n
'fbt::pf_handle_set_statusif:return { printf("%#x %#x", arg0, arg1); }'` and
then loading the relevant pf.conf?
