Bug 240363

Summary: ipfilter: Does not start on clean install system with default kernel
Product: Base System Reporter: DYM <dym>
Component: kernAssignee: Cy Schubert <cy>
Status: Closed Overcome By Events    
Severity: Affects Only Me CC: dym
Priority: --- Keywords: needs-qa
Version: 12.0-RELEASE   
Hardware: Any   
OS: Any   
Attachments:
Description Flags
/var/log/messages
none
/var/run/dmesg.boot none

Description DYM 2019-09-06 10:26:07 UTC 
How to reproduce bug:
Installing clean version 12.0

When included in rc.conf:
====
ipfilter_enable = "YES"
====
IPFILTER does not start.
Reports a kernel/user version mismatch.
That is, with a default installation, IPF/IPNAT is not working.


Include options in the kernel config:
====
options IPFILTER
options IPFILTER_LOG
====
and rebuilding the kernel treats rakes.

However, rebuilding the kernel also requires rebuilding the world, or at least ipf/ipnat

That is, the installation image contains a mismatch between the kernel assembly and the environment in advance.
Comment 1 Kubilay Kocak freebsd_committer freebsd_triage 2019-09-06 10:48:01 UTC 
@Reporter  Can you provide the following additional information please:

- uname -aK output
- any relevant logs from /var/log/message (as an attachment)
- output of /var/run/dmesg.boot (as an attachment)
Comment 2 DYM 2019-09-06 12:50:24 UTC 
Created attachment 207231 [details]
/var/log/messages
Comment 3 DYM 2019-09-06 12:51:10 UTC 
Created attachment 207232 [details]
/var/run/dmesg.boot
Comment 4 DYM 2019-09-06 12:51:50 UTC 
# uname -aK
FreeBSD test 12.0-RELEASE FreeBSD 12.0-RELEASE r341666 GENERIC  amd64 1200086

# ipf -Fa -f /etc/ipf.rules
open device: No such file or directory
User/kernel version check failed

# ipnat -CF -f /etc/ipnat.rules
/dev/ipnat: open: No such file or directory
Comment 5 Cy Schubert freebsd_committer freebsd_triage 2019-09-06 12:59:07 UTC 
Did you build from scratch or install the ISO?
Comment 6 DYM 2019-09-06 13:53:05 UTC 
Fresh install from ISO DVD 12.0 amd64
Comment 7 Cy Schubert freebsd_committer freebsd_triage 2019-09-06 14:15:14 UTC 
It's obvious this is not a fresh install as you included IPFILTER in the kernel and rebuilt the kernel. This is not a fresh install as it has been modified by you.

List your whole kernel config file.
Comment 8 DYM 2019-09-07 10:13:04 UTC 
Manually loading the module solves the problem.

# kldload ipl.ko