Hello colleagues, I have a problem with enabling ALTQ. If I add next options to GENERIC configuration file, I can not load pf module. Options that I added (https://www.freebsd.org/doc/en/books/handbook/firewalls-pf.html): (13:51) root /usr/src> diff sys/amd64/conf/stable sys/amd64/conf/GENERIC 78,85d77 < #ALTQ support < options ALTQ < options ALTQ_CBQ # Class Based Queueing < options ALTQ_RED # Random Early Detection < options ALTQ_RIO # RED In/Out < options ALTQ_HFSC # Hierarchical Packet Scheduler < options ALTQ_PRIQ # Priority Queueing < Exit 1 uname: (13:52) root /usr/src> uname -a FreeBSD srv 9.3-RELEASE FreeBSD 9.3-RELEASE #0 r268512: Thu Jul 10 23:44:39 UTC 2014 root@snap.freebsd.org:/usr/obj/usr/src/sys/GENERIC amd64 When I try to load pf I get: (13:53) root /usr/src> kldload pf kldload: an error occurred while loading the module. Please check dmesg(8) for more details. Exit 1 (13:53) root /usr/src> dmesg | tail -n 4 KLD pf.ko: depends on kernel - not available or version mismatch linker_load_file: Unsupported file type KLD pf.ko: depends on kernel - not available or version mismatch linker_load_file: Unsupported file type If I try to add next options to GENERIC without ALTQ, PF does not work at all: device pf device pflog device pfsync (13:53) root /usr/src> svn info Path: . Working Copy Root Path: /usr/src URL: svn://svn.freebsd.org/base/stable/9 Relative URL: ^/stable/9 Repository Root: svn://svn.freebsd.org/base Repository UUID: ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f Revision: 296893 Node Kind: directory Schedule: normal Last Changed Author: davidcs Last Changed Rev: 296877 Last Changed Date: 2016-03-15 02:33:38 +0300 (Tue, 15 Mar 2016) Can I add pf with altq to kernel? Do you need a building and installing log? Thank you! Vladimir
Did you also rebuild the kernel after enabling ALTQ? It looks like you only rebuilt pf.ko (or did not boot the new kernel).
A quick test with ALTQ on 9.3 shows that pf loads just fine. The original report suggests that only pf.ko was rebuilt with ALTQ activated, which will indeed not load in an unmodified kernel. E-mail discussion with the original reporter has added confusing information (10.1 kernel uname for example). Assigning back to the original reporter. Please provide: - Full build output - Full kernel configuration - Full command line output when loading pf.ko - Full dmesg output - Clarification on what version the problem occurs on.
Created attachment 168781 [details] generic build and some command output It's a GENERIC RELENG test build without ALTQ support. Archive contains building output and out some command. All works fine.
Created attachment 168782 [details] generic build with PF and ALTQ in kernel and some command output It's a GENERIC RELENG test build with PF and ALTQ in kernel. Archive contains kernel configuration, kernel building output and output next command: uname -a kldstat -v dmesg pciconf -l ls /dev | grep pf kldload pf svn info PF does not work.
I will send output when I add only next options to kernel configuration: < options ALTQ < options ALTQ_CBQ # Class Based Queueing < options ALTQ_RED # Random Early Detection < options ALTQ_RIO # RED In/Out < options ALTQ_HFSC # Hierarchical Packet Scheduler < options ALTQ_PRIQ # Priority Queueing Thanks!
So the attached logs still seem to show that you're running the unmodified kernel: > FreeBSD srv 9.3-RELEASE FreeBSD 9.3-RELEASE #0 r268512: Thu Jul 10 23:44:39 UTC 2014 root@snap.freebsd.org:/usr/obj/usr/src/sys/GENERIC amd64 That's a kernel built by freebsd, not the kernel you built with ALTQ turned on.
Created attachment 168805 [details] generic build without PF and ALTQ in kernel and some command output I have seen it but I do not understand why this is so After building and installing kernel I see that system has new files in /boot/kernel. And system gives new output after executing pfctl. I execute the following commands for building kernel, maybe that's wrong: 1. cp /usr/src/sys/amd64/conf/GENERIC /root/kernel/kernel_name ln -s /root/kernel/kernel_name /usr/src/sys/amd64/conf 2. add new options to /root/kernel/kernel_name 3. cd /usr/src rm -rf /usr/obj/* make clean && make clean script /home/inst/kernel_name make buildkernel KERNCONF=kernel_name .... 4. after building completed make installkernel KERNCONF=kernel_name exit shutdown -r now I do same action on my another computer and pf work fine, but I have the ufs on it. Maybe I'm doing something wrong? Thanks!
Are you perhaps using boot environments? Maybe there's something odd with your zfs configuration as well. What's in your /boot/loader.conf?
/boot/loader.conf zfs_load="YES" vfs.root.mountfrom="zfs:zroot" /etc/rc.conf hostname="srv" keymap="ru.koi8-r.shift.kbd" zfs_enable="YES" gateway_enable="YES" # Enable as LAN gateway #ifconfig_re0="inet 192.168.1.20 netmask 255.255.255.0" ifconfig_re0="dhcp" defaultrouter="" #pf_enable="YES" #pflog_enable="YES" #pfsync_enable="YES" ntpdate_enable="YES" ntpd_enable="YES" ntpd_sync_on_start="YES" sshd_enable="YES" # Set dumpdev to "AUTO" to enable crash dumps, "NO" to disable dumpdev="AUTO" teamspeak_enable="YES" How can I check zfs configuration? Thanks!
That looks to be right... I'm not very familiar with the way booting from ZFS works, but I'd look at 'zpool get bootfs zroot'. Do you have a zfs file system for /boot, or something else mounted on /boot? My current thinking is that for some reason your system sees a different /boot/kernel during startup than during 'make installkernel'. That'd explain your symptoms.
(13:03) root /usr/src> zpool get bootfs zroot NAME PROPERTY VALUE SOURCE zroot bootfs zroot/root/default local (13:03) root /usr/src> zpool status pool: zroot state: ONLINE scan: none requested config: NAME STATE READ WRITE CKSUM zroot ONLINE 0 0 0 gpt/disk1 ONLINE 0 0 0 errors: No known data errors Yes, it seems that kernel loads another modules... Thanks!
Closing this bug, because it's a configuration issue on this particular machine, not a problem with pf/altq.