From owner-svn-src-head@FreeBSD.ORG Wed Nov 2 13:35:35 2011 Return-Path: Delivered-To: svn-src-head@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 973DB106564A; Wed, 2 Nov 2011 13:35:35 +0000 (UTC) (envelope-from pluknet@gmail.com) Received: from mail-vx0-f182.google.com (mail-vx0-f182.google.com [209.85.220.182]) by mx1.freebsd.org (Postfix) with ESMTP id EC0FE8FC0C; Wed, 2 Nov 2011 13:35:34 +0000 (UTC) Received: by vcbfk26 with SMTP id fk26so211563vcb.13 for ; Wed, 02 Nov 2011 06:35:34 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:cc:content-type :content-transfer-encoding; bh=vLa373BGYxIcP8e6bLdwWviSRQl/k+XMBUR6/v/uDNc=; b=D3SFnmp46sAMOfj5Nr6NgOcX40tEHKocUfE7mz7F0nmnQvoIaEogBYAw/IsXFJ43GR 4WvGF8USP86luJk8Pp7XLVh4Wl7rpJAhNCPm77k81tZE5oPubqoJM+RavlB3+o+SeAat WxOkIREAFe+j68/3g7eoTfqPcdEpRH/21UtsA= MIME-Version: 1.0 Received: by 10.182.110.1 with SMTP id hw1mr901048obb.38.1320240934097; Wed, 02 Nov 2011 06:35:34 -0700 (PDT) Sender: pluknet@gmail.com Received: by 10.182.89.41 with HTTP; Wed, 2 Nov 2011 06:35:34 -0700 (PDT) In-Reply-To: References: <201109271327.p8RDRHs8024689@svn.freebsd.org> Date: Wed, 2 Nov 2011 16:35:34 +0300 X-Google-Sender-Auth: p_4trOgU7Ch6_CWxhnhSGpVp8dU Message-ID: From: Sergey Kandaurov To: "Bjoern A. Zeeb" Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Cc: svn-src-head@freebsd.org, svn-src-all@freebsd.org, src-committers@freebsd.org Subject: Re: svn commit: r225793 - in head/sys: modules/ipfw netinet/ipfw X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 02 Nov 2011 13:35:35 -0000 On 2 November 2011 16:53, Bjoern A. Zeeb wrote: > On Wed, 2 Nov 2011, Sergey Kandaurov wrote: > >> On 27 September 2011 17:27, Bjoern A. Zeeb wrote: >>> >>> Author: bz >>> Date: Tue Sep 27 13:27:17 2011 >>> New Revision: 225793 >>> URL: http://svn.freebsd.org/changeset/base/225793 >>> >>> Log: >>> =A0Unbreak no-ip and no-inet6 module builds with ipfw. =A0For now conti= nue to >>> =A0build the ip_fw_pfil.c hooks and ipfw even in case of no-ip under th= e >>> =A0assumption that the private L2 hook (which hopefully eventually will= be >>> a >>> =A0pfil hook as well) can still be useful. >>> >>> =A0Allow building the module without inet as well. >>> >>> =A0Glanced at by: =A0 =A0 =A0 =A0jhb >>> =A0MFC after: =A0 =A03 days >>> >>> Modified: >>> =A0head/sys/modules/ipfw/Makefile >>> =A0head/sys/netinet/ipfw/ip_fw_pfil.c >>> >>> Modified: head/sys/modules/ipfw/Makefile >>> >>> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D >>> --- head/sys/modules/ipfw/Makefile =A0 =A0 =A0Tue Sep 27 13:20:41 2011 >>> =A0(r225792) >>> +++ head/sys/modules/ipfw/Makefile =A0 =A0 =A0Tue Sep 27 13:27:17 2011 >>> =A0(r225793) >>> @@ -8,7 +8,7 @@ KMOD=3D =A0 ipfw >>> =A0SRCS=3D =A0ip_fw2.c ip_fw_pfil.c >>> =A0SRCS+=3D ip_fw_dynamic.c ip_fw_log.c >>> =A0SRCS+=3D ip_fw_sockopt.c ip_fw_table.c >>> -SRCS+=3D opt_inet6.h opt_ipfw.h opt_ipsec.h >>> +SRCS+=3D opt_inet.h opt_inet6.h opt_ipfw.h opt_ipsec.h >>> >>> =A0CFLAGS+=3D -DIPFIREWALL >>> =A0CFLAGS+=3D -I${.CURDIR}/../../contrib/pf >>> @@ -22,6 +22,10 @@ CFLAGS+=3D -I${.CURDIR}/../../contrib/pf >>> =A0# >>> >>> =A0.if !defined(KERNBUILDDIR) >>> +.if ${MK_INET_SUPPORT} !=3D "no" >>> +opt_inet.h: >>> + =A0 =A0 =A0 echo "#define INET 1" > ${.TARGET} >>> +.endif >>> =A0.if ${MK_INET6_SUPPORT} !=3D "no" >>> =A0opt_inet6.h: >>> =A0 =A0 =A0 =A0echo "#define INET6 1" > ${.TARGET} >>> >>> Modified: head/sys/netinet/ipfw/ip_fw_pfil.c >>> >>> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D >>> --- head/sys/netinet/ipfw/ip_fw_pfil.c =A0Tue Sep 27 13:20:41 2011 >>> =A0(r225792) >>> +++ head/sys/netinet/ipfw/ip_fw_pfil.c =A0Tue Sep 27 13:27:17 2011 >>> =A0(r225793) >>> @@ -31,11 +31,11 @@ __FBSDID("$FreeBSD$"); >>> =A0#if !defined(KLD_MODULE) >>> =A0#include "opt_ipdn.h" >>> =A0#include "opt_inet.h" >>> +#include "opt_inet6.h" >>> =A0#ifndef INET >>> =A0#error IPFIREWALL requires INET. >>> =A0#endif /* INET */ >>> =A0#endif /* KLD_MODULE */ >>> -#include "opt_inet6.h" >> >> Hello. >> >> This chunk seems to stop building inet6 part of ipfw.ko w/ INET6 enabled >> kernel. >> >> Found by /etc/rc.d/ipfw restart: >> [...] >> /etc/rc.d/ipfw: WARNING: failed to enable IPv6 firewall >> >> i.e. sysctl net.inet6.ip6.fw.enable doesn't present. >> >> Reversion of this hunk fixed the problem. >> NO_INET[46] lints aren't tested though. > > > Just to double-check -- this only happens for you if you build and > use the module, not when you link it into the kernel? > > As in that case I do have: > lion3# =A0sysctl net.inet6.ip6.fw.enable net.inet6.ip6.fw.enable: 1 ipfw is built and installed as a module as part of make kernel target. There is no ipfw related options in KERNCONF itself. ipfw.ko loads during rc(8) phase. > What's your src.conf and make.conf files looking like in /etc should > you have them? =A0Any WITHOUT_INET6 or WITHOUT_INET6_SUPPORT in there? Nothing suspicious. # cat /etc/src.conf WITHOUT_CLANG=3D yes # cat /etc/make.conf MODULES_OVERRIDE=3D coretemp libalias nfsclient nfslockd nfslock \ nfs_common krpc nfssvc ipfw linux linprocfs \ mac_biba netgraph cyclic opensolaris dtrace \ dtrace/dtraceall cpufreq nullfs KERNCONF=3DTST WRKDIRPREFIX=3D/usr/works # added by use.perl 2010-11-29 19:07:35 PERL_VERSION=3D5.10.1 WITHOUT_X11=3Dyes (TST config has extra debugging changes, oldnfs and commented out devices.) --=20 wbr, pluknet