Network simulation using jails & vimage

Julian Elischer julian at elischer.org
Fri Mar 5 19:46:49 UTC 2010 

jim at sifferle.net wrote:
> 
> On February 23, 2010 at 10:11 AM "Ermal Luçi" <eri at freebsd.org> wrote:
> 
>  > On Sun, Feb 21, 2010 at 6:14 PM, Julian Elischer 
> <julian at elischer.org>wrote:
>  >
>  > > Bjoern A. Zeeb wrote:
>  > >
>  > >> On Sun, 21 Feb 2010, Julian Elischer wrote:
>  > >>
>  > >> Hi,
>  > >>
>  > >>  Jim Sifferle wrote:
>  > >>>
>  > >>>> Hi,
>  > >>>>
>  > >>>> Does any FreeBSD branch / vimage release combination support 
> separate pf
>  > >>>> AND ipfw configurations per jail?  I need ipfw+pf/altq for HFSC 
> queuing
>  > >>>
>  > >>> -current (9) should be close, with patches for pf supplied by ceri.
>  > >>
>  > >> s,ceri,eri,  (Ermal Luçi)
>  > >
>  > > it'd be nice if itcould get committed
>  > >
>  > > Ermal, is it ready?
>  > >
>  > It is usable look at http://svn.freebsd.org/base/user/eri/pf45/head/.
>  > For vnet pfsync/pflow/pflog needs some fixes still.
>  >
> 
> I just now had some time to put together a CURRENT box for testing.  I'm 
> getting a 'Fatal trap 12: page fault while in kernel mode' whenever I 
> boot with pf_enable set to YES in rc.conf.  Here's my current setup:
> 
>  
> 
> - FreeBSD CURRENT cvs snapshot as of 2/25/10, running AMD64 kernel
> 
> - GENERIC kernel compiled with ALTQ and VIMAGE options, invariants and 
> witness options disabled, plus Imunes patch for FreeBSD 8 RC3 available 
> here: http://imunes.net/imunes-8.0-RC3.diff
> 
> - pf loaded as module with very simple pass all pf.conf
> 
> - ipfw not loaded
> 
>  
> 
> The Fatal trap seems to occur when pfctl is run.

This is unfortunately one for Ermal, as I wouldn't know a pfctl 
command if it came up and kicked me in the shins.  :-)

We really should try get the new pf stuff into -current so that
it gets more testing.


> 
> I am recompiling my kernel with all debugging options turned on.  
> Hopefully I can get a good kernel dump.  I will also try with fresh 
> kernel sources skipping the Imunes patch.  Anything else I should try?
> 
>  
> 
> Thanks for your help,
> 
>  
> 
> Jim
>

More information about the freebsd-pf mailing list