Summary: | sysutils/pftop crashing v0.10 installed via pkg install pftop | ||
---|---|---|---|
Product: | Ports & Packages | Reporter: | dmutha |
Component: | Individual Port(s) | Assignee: | Michael Gmelin <grembo> |
Status: | Closed FIXED | ||
Severity: | Affects Some People | CC: | dmutha, grembo, kp, zwiebel |
Priority: | --- | Keywords: | security |
Version: | Latest | Flags: | linimon:
maintainer-feedback?
(grembo) |
Hardware: | amd64 | ||
OS: | Any |
Description
dmutha
2024-03-08 21:12:24 UTC
(In reply to dmutha from comment #0) running pftop version 0.10 from ports installed via pkg install pftop. (In reply to dmutha from comment #1) Checked and the same version from ports runs fine on FreeBSD ww.xx.yy.zz 13.2-RELEASE-p10 FreeBSD 13.2-RELEASE-p10 GENERIC amd64 It seems like that there were incompatible changes in libpfctl. Adding kp@, the maintainer of net/libpfctl. Basically the package builders build packages for a FreeBSD version <13.3, but libpfctl uses different sources when built on 13.3. So if you build it and pftop locally on 13.3, pftop will work as expected, but the binaries served to you via official pkg repos will be built for version <13.3. This is the same issues ports like virtualbox-ose-kmod have. Maybe kp@ had an idea for a workaround (e.g., add a temporary port called pftop133, which uses different structures. Or maybe make use of flavours?) - let's see. In the meantime, the only way to avoid the issue is to build libpfctl locally. (In reply to Michael Gmelin from comment #4) That should all still work just fine, unless you're building libpfctl against 13.3 and pftop against 13.2's libpfctl. In which case, yeah, that doesn't work. The original report "Assertion failed: (elems <= maxelems), function pf_nvuint_32_array, file libpfctl.c, line 153." sounds more like it's an old libpfctl running against a newer kernel. I believe we may have extended one of the arrays the kernel returns and some older versions of libpfctl can't handle that. The fix for that is in the 13.3 version of libpfctl. It's not in the 13.2 one. AIUI ports will keep building on 13.2 for another three months or so, so I'll see if we can update 13.2's libpfctl to include that. A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=57043127470cac41e7dcdb6a144c9d2dbba29f1f commit 57043127470cac41e7dcdb6a144c9d2dbba29f1f Author: Kristof Provost <kp@FreeBSD.org> AuthorDate: 2024-03-12 12:32:58 +0000 Commit: Kristof Provost <kp@FreeBSD.org> CommitDate: 2024-03-12 17:12:25 +0000 net/libpfctl: update 13.2 library Include the following commit in the 13.2 version of libpfctl (13.3 already has this change): commit b9c4fb71f6aeef4fbee3d5c59b5946a08993fe88 (HEAD -> libpfctl/13.2) Author: Kristof Provost <kp@FreeBSD.org> Date: Fri Oct 27 14:13:57 2023 +0200 libpfctl: be more tolerant of kernel extensions Allow the kernel to supply more array elements than expected, but cut off when we hit what we think the maximum is. This will improve forward compatibility (i.e. old userspace with newer kernel). Reviewed by: zlei MFC after: 1 week Sponsored by: Orange Business Services Differential Revision: https://reviews.freebsd.org/D42392 PR: 277587 Sponsored by: Rubicon Communications, LLC ("Netgate") net/libpfctl/Makefile | 4 ++-- net/libpfctl/distinfo | 21 +++++++++------------ 2 files changed, 11 insertions(+), 14 deletions(-) # freebsd-version -kru 13.3-RELEASE-p1 13.3-RELEASE-p1 13.3-RELEASE-p1 The current setup has working ''-v rules'' again. The libpfctl-0.10 and pftop-0.10_1 were both taken from the ports. I can also confirm that this is fixed, closing. |