Site Navigation

Date:      Mon, 11 Dec 2006 21:58:08 +0100
From:      Max Laier <max@love2party.net>
To:        freebsd-ports@freebsd.org
Cc:        Lars Wittebrood <lars@socruel.nu>
Subject:   Re: Pfstat trouble, no data in database file
Message-ID:  <200612112158.14488.max@love2party.net>
In-Reply-To: <200612112110.25591.max@love2party.net>
References:  <302F75DC2739FB43B236373398A8C599299F@saturnus.intra.socruel.nu> <200612112110.25591.max@love2party.net>

---

next in thread | previous in thread | raw e-mail | index | archive | help

---

--nextPart1440578.s2IjhEnKk3
Content-Type: multipart/mixed;
  boundary="Boundary-01=_iZcfFYDGn8RTkm+"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

--Boundary-01=_iZcfFYDGn8RTkm+
Content-Type: text/plain;
  charset="iso-8859-6"
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline

List doesn't like text/x-csrc it seems.  Resend as text/plain.

On Monday 11 December 2006 21:10, Max Laier wrote:
> On Monday 11 December 2006 20:29, Lars Wittebrood wrote:
> > Hello list,
> >
> > After some more troubleshooting I've come a step further.
> >
> > I have run the '/usr/local/bin/pfstat -q' command from a shell and
> > found some problems with my /usr/local/etc/pfstat.conf file. After
> > solving these problems I get the following message issueing the
> > '/usr/local/bin/pfstat -q' command:
> >
> > root@servername etc # /usr/local/bin/pfstat -q
> > ioctl: DIOCGETALTQS: Operation not supported by device
> > pf_query: query_queues() failed
> >
> > I couldn't find anything usefull on these strings via Google.
> >
> > Any help is much appreciated.
>
> pfstat 2.2 seems to assume that ALTQ support is enabled in the kernel.
> For now the only way to work around your problem seems to be to build a
> kernel with ALTQ support.  Alternatively you can replace
> files/patch-pf.c in sysutils/pfstat with the attached and rebuild
> pfstat.
>
> > MTIA
> >
> > Cheers,
> > Lars.
> >
> > > _____________________________________________
> > > From: 	Lars Wittebrood
> > > Sent:	Sunday, December 10, 2006 9:51 PM
> > > To:	'freebsd-ports@freebsd.org'
> > > Subject:	Pfstat trouble, no data in database file
> > >
> > > Hello list,
> > >
> > > I've installed and configure the Pfstat port on a FreeBSD 6.1
> > > RELEASE system acting as a firewall based on PF.
> > >
> > > FreeBSD servername 6.1-RELEASE-p10 FreeBSD 6.1-RELEASE-p10 #0: Fri
> > > Nov 24 13:33:18 CET 2006
> > > root@servername:/usr/obj/usr/src/sys/ALPHA i386
> > >
> > > The trouble I have is that I get no data at all in the Pfstat data
> > > file!
> > >
> > > My Pfstat /etc/crontab entries
> > > #
> > > # Gather Pfstat output continually
> > > *       *       *       *       *       root  =20
> > > /usr/local/bin/pfstat -q >> /var/db/pfstat.db
> > > #
> > > # Generate Pfstat graphs every 5 minutes
> > > */5     *       *       *       *       root  =20
> > > /usr/local/bin/pfstat -c /etc/pfstat.conf -d /var/db/pfstat.db
> > > #
> > > # Glean old Pfstat data
> > > 1       1       1       *       *       root  =20
> > > /usr/local/bin/pfstat -t 31:365
> > >
> > > Entries from my cron log:
> > > Dec 10 21:40:00 servername /usr/sbin/cron[39679]: (root) CMD (
> > > /usr/libexec/atrun)
> > > Dec 10 21:41:00 servername /usr/sbin/cron[502]: (*system*) RELOAD
> > > (/etc/crontab)
> > > Dec 10 21:41:00 servername /usr/sbin/cron[39687]: (root) CMD
> > > (/usr/local/bin/pfstat -q >> /var/db/pfstat.db)
> > > Dec 10 21:42:00 servername /usr/sbin/cron[39696]: (root) CMD
> > > (/usr/local/bin/pfstat -q >> /var/db/pfstat.db)
> > > Dec 10 21:43:00 servername /usr/sbin/cron[39701]: (root) CMD
> > > (/usr/local/bin/pfstat -q >> /var/db/pfstat.db)
> > > Dec 10 21:44:00 servername /usr/sbin/cron[39714]: (root) CMD
> > > (/usr/local/bin/pfstat -q >> /var/db/pfstat.db)
> > > Dec 10 21:44:00 servername /usr/sbin/cron[39715]: (operator) CMD
> > > (/usr/libexec/save-entropy)
> > > Dec 10 21:45:00 servername /usr/sbin/cron[39734]: (root) CMD
> > > (/usr/local/bin/pfstat -q >> /var/db/pfstat.db)
> > > Dec 10 21:45:00 servername /usr/sbin/cron[39735]: (root) CMD (
> > > /usr/libexec/atrun)
> > > Dec 10 21:45:00 servername /usr/sbin/cron[39733]: (root) CMD
> > > (/usr/local/bin/pfstat -c /etc/pfstat.conf -d /var/db/pfstat.db)
> > >
> > > root@servername db # ll /var/db/pfstat.db
> > > -rw-r--r--    1 root     wheel           0 Dec 10 21:21
> > > /var/db/pfstat.db
> > >
> > > As you can see pfstat.db stays zero bytes! Anyone any idea why this
> > > is happening? My /etc/pf.conf has a set loginterface entry!
> > >
> > > MTIA.
> > >
> > > Cheers,
> > > Lars.
> >
> > _______________________________________________
> > freebsd-ports@freebsd.org mailing list
> > http://lists.freebsd.org/mailman/listinfo/freebsd-ports
> > To unsubscribe, send any mail to
> > "freebsd-ports-unsubscribe@freebsd.org"

=2D-=20
/"\  Best regards,                      | mlaier@freebsd.org
\ /  Max Laier                          | ICQ #67774661
 X   http://pf4freebsd.love2party.net/  | mlaier@EFnet
/ \  ASCII Ribbon Campaign              | Against HTML Mail and News

--Boundary-01=_iZcfFYDGn8RTkm+
Content-Type: text/plain;
  charset="iso-8859-6";
  name="patch-pf.c"
Content-Transfer-Encoding: quoted-printable
Content-Disposition: attachment;
	filename="patch-pf.c"

=2D-- pf.c.orig	Thu May 11 23:41:07 2006
+++ pf.c	Mon Dec 11 21:08:31 2006
@@ -67,10 +67,8 @@
=20
 	/* first, find out how many queues there are */
 	memset(&pa, 0, sizeof(pa));
=2D	if (ioctl(fd, DIOCGETALTQS, &pa)) {
=2D		fprintf(stderr, "ioctl: DIOCGETALTQS: %s\n", strerror(errno));
=2D		return (1);
=2D	}
+	if (ioctl(fd, DIOCGETALTQS, &pa))
+		return (0);
 	mnr =3D pa.nr;
=20
 	/* fetch each of those queues */
@@ -144,23 +142,24 @@
 query_ifaces(int fd, void (*cb)(int, const char *, int, double))
 {
 	struct pfioc_iface io;
=2D	struct pfi_kif ifs[256];
+	struct pfi_if ifs[256];
 	int i, j;
=20
 	memset(&io, 0, sizeof(io));
 	io.pfiio_buffer =3D ifs;
 	io.pfiio_esize =3D sizeof(ifs[0]);
 	io.pfiio_size =3D sizeof(ifs) / sizeof(ifs[0]);
+	io.pfiio_flags =3D PFI_FLAG_ALLMASK;
 	if (ioctl(fd, DIOCIGETIFACES, &io)) {
 		fprintf(stderr, "ioctl: DIOCIGETIFACES: %s\n", strerror(errno));
 		return (1);
 	}
 	for (i =3D 0; i < io.pfiio_size; ++i)
 		for (j =3D 0; j < 16; ++j)
=2D			(*cb)(COL_TYPE_IFACE, ifs[i].pfik_name,
+			(*cb)(COL_TYPE_IFACE, ifs[i].pfif_name,
 			    j, j & 4 ?
=2D			    ifs[i].pfik_packets[j&1?0:1][j&2?0:1][j&8?0:1] :
=2D			    ifs[i].pfik_bytes[j&1?0:1][j&2?0:1][j&8?0:1]);
+			    ifs[i].pfif_packets[j&1?0:1][j&2?0:1][j&8?0:1] :
+			    ifs[i].pfif_bytes[j&1?0:1][j&2?0:1][j&8?0:1]);
 	/* bytes/packets[af][dir][op] */
 	return (0);
 }

--Boundary-01=_iZcfFYDGn8RTkm+--

--nextPart1440578.s2IjhEnKk3
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (FreeBSD)

iD8DBQBFfcZmXyyEoT62BG0RAjMIAJ9msCIOBIpM4xzZMTBMBiSLgMeG4wCeNgZY
8lqkT8U4UMWbNc2uU5DQ+94=
=UtsZ
-----END PGP SIGNATURE-----

--nextPart1440578.s2IjhEnKk3--

---

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200612112158.14488.max>

Legal Notices | © 1995-2024 The FreeBSD Project. All rights reserved.

Contact