Date:      Sat, 06 Mar 2010 00:04:34 -0800
From:      Jim Sifferle <jim@sifferle.net>
To:        Ermal Luçi <eri@freebsd.org>, Julian Elischer <julian@elischer.org>
Cc:        "Bjoern A. Zeeb" <bzeeb-lists@lists.zabbadoz.net>, FreeBSD virtualization mailing list <freebsd-virtualization@freebsd.org>, pf@freebsd.org
Subject:   Re: Network simulation using jails & vimage
Message-ID:  <1267862674.29050.25.camel@localhost>
In-Reply-To: <477684154.296223.1267820136159.JavaMail.open-xchange@oxusltgw09.schlund.de>
References:  <1266739527.25137.519.camel@localhost> <4B80F076.5020109@elischer.org> <20100221084118.W27327@maildrop.int.zabbadoz.net> <4B8169EB.4030100@elischer.org> <9a542da31002230211k2fb5d99do7ed574a8cd94f4d9@mail.gmail.com> <900375163.294375.1267816560546.JavaMail.open-xchange@oxusltgw09.schlund.de> <4B915CB5.4070702@elischer.org> <477684154.296223.1267820136159.JavaMail.open-xchange@oxusltgw09.schlund.de>

On Fri, 2010-03-05 at 15:15 -0500, jim@sifferle.net wrote:
> On March 5, 2010 at 7:34 PM Julian Elischer <julian@elischer.org> wrote:
> 
> > jim@sifferle.net wrote:
> > >
> > > I just now had some time to put together a CURRENT box for testing.  I'm
> > > getting a 'Fatal trap 12: page fault while in kernel mode' whenever I
> > > boot with pf_enable set to YES in rc.conf.  Here's my current setup:
> > >
> >
> > This is unfortunately one for Ermal, as I wouldn't know a pfctl
> > command if it came up and kicked me in the shins.  :-)
> >
> > We really should try to get the new pf stuff into -current so that
> > it gets more testing.
> >
> Thanks for your quick reply...
>  
> I think my first problem is I didn't pull the sources from the folder Ermal
> mentioned: http://svn.freebsd.org/base/user/eri/pf45/head/. 
>  
> I misunderstood and thought it had been put in CURRENT.  I will download
> the correct sources and try again.
>  

Hi Ermal,

Forgive my ignorance, but how would you recommend I build my system to
test the new pf code?  Here's what I tried earlier today:

1) Start with a CURRENT system with sources from 2/25
2) Download the new sources from svn using the link you provided

na-lab-wan-3# svn info
Path: .
URL: http://svn.freebsd.org/base/user/eri/pf45/head
Repository Root: http://svn.freebsd.org/base
Repository UUID: ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f
Revision: 204768
Node Kind: directory
Schedule: normal
Last Changed Author: eri
Last Changed Rev: 204245
Last Changed Date: 2010-02-23 01:58:12 -0800 (Tue, 23 Feb 2010)

3) Build and install a new kernel with the updated sources.  But, I
could not compile with ALTQ support enabled.  Is ALTQ available yet with
the new pf, or is it still a work in progress like pflog and pfsync?

cc -O2 -pipe -fno-strict-aliasing -Werror -D_KERNEL -DKLD_MODULE  	
<SNIP>
/usr/src_new/head/sys/modules/pf/../../contrib/pf/net/pf_ioctl.c: In
function 'pf_begin_altq':
/usr/src_new/head/sys/modules/pf/../../contrib/pf/net/pf_ioctl.c:894:
error: 'altqs_inactive_open' undeclared (first use in this function)
/usr/src_new/head/sys/modules/pf/../../contrib/pf/net/pf_ioctl.c:894:
error: (Each undeclared identifier is reported only once
/usr/src_new/head/sys/modules/pf/../../contrib/pf/net/pf_ioctl.c:894:
error: for each function it appears in.)
/usr/src_new/head/sys/modules/pf/../../contrib/pf/net/pf_ioctl.c: In
function 'pf_rollback_altq':
/usr/src_new/head/sys/modules/pf/../../contrib/pf/net/pf_ioctl.c:934:
error: 'altqs_inactive_open' undeclared (first use in this function)
/usr/src_new/head/sys/modules/pf/../../contrib/pf/net/pf_ioctl.c: In
function 'pf_commit_altq':
/usr/src_new/head/sys/modules/pf/../../contrib/pf/net/pf_ioctl.c:1024:
error: 'altqs_inactive_open' undeclared (first use in this function)
*** Error code 1
<SNIP>

4) Reboot, load pf module, attempt to run pfctl -f /etc/pf.conf with
this error:  

No ALTQ support in kernel
ALTQ related functions disabled
pfctl: DIOCADDRULE: Operation not supported by device

5) Attempt to rebuild pfctl from /usr/src_new/sbin/pfctl to deal with
the 'Operation not supported by device' error.  I get this error:

cc -O2 -pipe  -Wall -Wmissing-prototypes -Wno-uninitialized
-Wstrict-prototypes
-I/usr/src_new/head/sbin/pfctl/../../contrib/pf/pfctl -DENABLE_ALTQ
-std=gnu99 -fstack-protector -Wsystem-headers -Werror -Wall
-Wno-format-y2k -Wno-uninitialized -Wno-pointer-sign
-c /usr/src_new/head/sbin/pfctl/../../contrib/pf/pfctl/pfctl.c
cc1: warnings being treated as errors
In file included
from /usr/src_new/head/sbin/pfctl/../../contrib/pf/pfctl/pfctl.c:64:
/usr/src_new/head/sbin/pfctl/../../contrib/pf/pfctl/pfctl.h:119:
warning: 'struct pfsync_state_peer' declared inside parameter list
/usr/src_new/head/sbin/pfctl/../../contrib/pf/pfctl/pfctl.h:119:
warning: its scope is only this definition or declaration, which is
probably not what you want
/usr/src_new/head/sbin/pfctl/../../contrib/pf/pfctl/pfctl.h:120:
warning: 'struct pfsync_state' declared inside parameter list
/usr/src_new/head/sbin/pfctl/../../contrib/pf/pfctl/pfctl.c: In function
'pfctl_clear_states':
/usr/src_new/head/sbin/pfctl/../../contrib/pf/pfctl/pfctl.c:393: error:
'struct pfioc_state_kill' has no member named 'psk_killed'
/usr/src_new/head/sbin/pfctl/../../contrib/pf/pfctl/pfctl.c: In function
'pfctl_kill_src_nodes':
/usr/src_new/head/sbin/pfctl/../../contrib/pf/pfctl/pfctl.c:532: error:
'struct pfioc_src_node_kill' has no member named 'psnk_killed'
/usr/src_new/head/sbin/pfctl/../../contrib/pf/pfctl/pfctl.c:538: error:
'struct pfioc_src_node_kill' has no member named 'psnk_killed'
/usr/src_new/head/sbin/pfctl/../../contrib/pf/pfctl/pfctl.c: In function
'pfctl_net_kill_states':
/usr/src_new/head/sbin/pfctl/../../contrib/pf/pfctl/pfctl.c:638: error:
'struct pfioc_state_kill' has no member named 'psk_killed'
/usr/src_new/head/sbin/pfctl/../../contrib/pf/pfctl/pfctl.c:644: error:
'struct pfioc_state_kill' has no member named 'psk_killed'
/usr/src_new/head/sbin/pfctl/../../contrib/pf/pfctl/pfctl.c: In function
'pfctl_label_kill_states':
/usr/src_new/head/sbin/pfctl/../../contrib/pf/pfctl/pfctl.c:670: error:
'struct pfioc_state_kill' has no member named 'psk_label'
/usr/src_new/head/sbin/pfctl/../../contrib/pf/pfctl/pfctl.c:670: error:
'struct pfioc_state_kill' has no member named 'psk_label'
/usr/src_new/head/sbin/pfctl/../../contrib/pf/pfctl/pfctl.c:671: error:
'struct pfioc_state_kill' has no member named 'psk_label'
/usr/src_new/head/sbin/pfctl/../../contrib/pf/pfctl/pfctl.c:678: error:
'struct pfioc_state_kill' has no member named 'psk_killed'
/usr/src_new/head/sbin/pfctl/../../contrib/pf/pfctl/pfctl.c: In function
'pfctl_id_kill_states':
/usr/src_new/head/sbin/pfctl/../../contrib/pf/pfctl/pfctl.c:695: error:
'struct pfioc_state_kill' has no member named 'psk_pfcmp'
/usr/src_new/head/sbin/pfctl/../../contrib/pf/pfctl/pfctl.c:695: error:
'struct pfioc_state_kill' has no member named 'psk_pfcmp'
/usr/src_new/head/sbin/pfctl/../../contrib/pf/pfctl/pfctl.c:696: error:
'struct pfioc_state_kill' has no member named 'psk_pfcmp'
/usr/src_new/head/sbin/pfctl/../../contrib/pf/pfctl/pfctl.c:696: error:
'struct pfioc_state_kill' has no member named 'psk_pfcmp'
/usr/src_new/head/sbin/pfctl/../../contrib/pf/pfctl/pfctl.c:697: error:
'struct pfioc_state_kill' has no member named 'psk_pfcmp'
/usr/src_new/head/sbin/pfctl/../../contrib/pf/pfctl/pfctl.c:698: error:
'struct pfioc_state_kill' has no member named 'psk_pfcmp'
/usr/src_new/head/sbin/pfctl/../../contrib/pf/pfctl/pfctl.c:703: error:
'struct pfioc_state_kill' has no member named 'psk_pfcmp'
/usr/src_new/head/sbin/pfctl/../../contrib/pf/pfctl/pfctl.c:708: error:
'struct pfioc_state_kill' has no member named 'psk_pfcmp'
/usr/src_new/head/sbin/pfctl/../../contrib/pf/pfctl/pfctl.c:708: error:
'struct pfioc_state_kill' has no member named 'psk_pfcmp'
/usr/src_new/head/sbin/pfctl/../../contrib/pf/pfctl/pfctl.c:713: error:
'struct pfioc_state_kill' has no member named 'psk_killed'
/usr/src_new/head/sbin/pfctl/../../contrib/pf/pfctl/pfctl.c: In function
'pfctl_print_rule_counters':
/usr/src_new/head/sbin/pfctl/../../contrib/pf/pfctl/pfctl.c:805: error:
'struct pf_rule' has no member named 'states_cur'
/usr/src_new/head/sbin/pfctl/../../contrib/pf/pfctl/pfctl.c:810: error:
'struct pf_rule' has no member named 'states_tot'
/usr/src_new/head/sbin/pfctl/../../contrib/pf/pfctl/pfctl.c: In function
'pfctl_show_rules':
/usr/src_new/head/sbin/pfctl/../../contrib/pf/pfctl/pfctl.c:922: error:
'struct pf_rule' has no member named 'states_tot'
/usr/src_new/head/sbin/pfctl/../../contrib/pf/pfctl/pfctl.c: In function
'pfctl_show_states':
/usr/src_new/head/sbin/pfctl/../../contrib/pf/pfctl/pfctl.c:1087:
warning: assignment from incompatible pointer type
/usr/src_new/head/sbin/pfctl/../../contrib/pf/pfctl/pfctl.c:1088: error:
dereferencing pointer to incomplete type
/usr/src_new/head/sbin/pfctl/../../contrib/pf/pfctl/pfctl.c:1088: error:
increment of pointer to unknown structure
/usr/src_new/head/sbin/pfctl/../../contrib/pf/pfctl/pfctl.c:1088: error:
arithmetic on pointer to an incomplete type
/usr/src_new/head/sbin/pfctl/../../contrib/pf/pfctl/pfctl.c:1088:
warning: left-hand operand of comma expression has no effect
/usr/src_new/head/sbin/pfctl/../../contrib/pf/pfctl/pfctl.c:1089: error:
dereferencing pointer to incomplete type
/usr/src_new/head/sbin/pfctl/../../contrib/pf/pfctl/pfctl.c:1095:
warning: passing argument 1 of 'print_state' from incompatible pointer
type
*** Error code 1

Thanks for any help you can provide...

Jim



