Bug 213859

Summary: /dev/pf device busy causes issues in complex systems
Product: Base System Reporter: jjasen
Component: kernAssignee: freebsd-pf (Nobody) <pf>
Status: New ---    
Severity: Affects Some People    
Priority: ---    
Version: 10.0-RELEASE   
Hardware: amd64   
OS: Any   

Description jjasen 2016-10-28 18:18:21 UTC 
Probably filed under pf:

I have firewall systems using pf, with ftp_proxy as well. Under certain circumstances, relayd will crash when updating a table if something else (such as ftp_proxy, tftp_proxy, or a local rules edit) has /dev/pf locked.

I've seen other cases, where an individual ftp_proxy will also fail, if something else grabbed /dev/pf as well -- and seeing "pfctl: DIOCADDRULE: Device busy " failures when doing manual updates is quite common.

relayd logs attached:
Oct 28 17:26:15 fw-1/fw-1 relayd[31847]: table devproxy-http: 1 added, 0 deleted, 0 changed, 2 killed 
Oct 28 17:26:15 fw-1/fw-1 relayd[31847]: fatal: sync_ruleset: cannot add address to pool: Device busy 
Oct 28 17:26:15 fw-1/fw-1 kernel: Oct 28 17:26:15 pubgw2 relayd[31847]: fatal: sync_ruleset: cannot add address to pool: Device busy 
Oct 28 17:26:15 fw-1/fw-1 relayd[31848]: hce exiting, pid 31848
Oct 28 17:26:15 fw-1/fw-1 relayd[31849]: relay exiting, pid 31849
Oct 28 17:26:15 fw-1/fw-1 relayd[31851]: relay exiting, pid 31851
Oct 28 17:26:15 fw-1/fw-1 relayd[31852]: relay exiting, pid 31852
Oct 28 17:26:15 fw-1/fw-1 relayd[31854]: ca exiting, pid 31854
Oct 28 17:26:15 fw-1/fw-1 relayd[31853]: ca exiting, pid 31853
Oct 28 17:26:15 fw-1/fw-1 relayd[31850]: ca exiting, pid 31850
Oct 28 17:26:25 fw-1/fw-1 relayd[31846]: lost child: pfe exited abnormally 
Oct 28 17:26:25 fw-1/fw-1 kernel: Oct 28 17:26:25 pubgw2 relayd[31846]: lost child: pfe exited abnormally
Oct 28 17:26:25 fw-1/fw-1 relayd[31846]: parent terminating, pid 31846