Bug 240363 - ipfilter: Does not start on clean install system with default kernel
Summary: ipfilter: Does not start on clean install system with default kernel
Status: Closed Overcome By Events
Alias: None
Product: Base System
Classification: Unclassified
Component: kern (show other bugs)
Version: 12.0-RELEASE
Hardware: Any Any
: --- Affects Only Me
Assignee: Cy Schubert
URL:
Keywords: needs-qa
Depends on:
Blocks:
 
Reported: 2019-09-06 10:26 UTC by DYM
Modified: 2019-09-07 10:13 UTC (History)
1 user (show)

See Also:


Attachments
/var/log/messages (8.00 KB, text/plain)
2019-09-06 12:50 UTC, DYM
no flags Details
/var/run/dmesg.boot (4.63 KB, text/plain)
2019-09-06 12:51 UTC, DYM
no flags Details

Note You need to log in before you can comment on or make changes to this bug.
Description DYM 2019-09-06 10:26:07 UTC
How to reproduce bug:
Installing clean version 12.0

When included in rc.conf:
====
ipfilter_enable = "YES"
====
IPFILTER does not start.
Reports a kernel/user version mismatch.
That is, with a default installation, IPF/IPNAT is not working.


Include options in the kernel config:
====
options IPFILTER
options IPFILTER_LOG
====
and rebuilding the kernel treats rakes.

However, rebuilding the kernel also requires rebuilding the world, or at least ipf/ipnat

That is, the installation image contains a mismatch between the kernel assembly and the environment in advance.
Comment 1 Kubilay Kocak freebsd_committer freebsd_triage 2019-09-06 10:48:01 UTC
@Reporter  Can you provide the following additional information please:

- uname -aK output
- any relevant logs from /var/log/message (as an attachment)
- output of /var/run/dmesg.boot (as an attachment)
Comment 2 DYM 2019-09-06 12:50:24 UTC
Created attachment 207231 [details]
/var/log/messages
Comment 3 DYM 2019-09-06 12:51:10 UTC
Created attachment 207232 [details]
/var/run/dmesg.boot
Comment 4 DYM 2019-09-06 12:51:50 UTC
# uname -aK
FreeBSD test 12.0-RELEASE FreeBSD 12.0-RELEASE r341666 GENERIC  amd64 1200086

# ipf -Fa -f /etc/ipf.rules
open device: No such file or directory
User/kernel version check failed

# ipnat -CF -f /etc/ipnat.rules
/dev/ipnat: open: No such file or directory
Comment 5 Cy Schubert freebsd_committer 2019-09-06 12:59:07 UTC
Did you build from scratch or install the ISO?
Comment 6 DYM 2019-09-06 13:53:05 UTC
Fresh install from ISO DVD 12.0 amd64
Comment 7 Cy Schubert freebsd_committer 2019-09-06 14:15:14 UTC
It's obvious this is not a fresh install as you included IPFILTER in the kernel and rebuilt the kernel. This is not a fresh install as it has been modified by you.

List your whole kernel config file.
Comment 8 DYM 2019-09-07 10:13:04 UTC
Manually loading the module solves the problem.

# kldload ipl.ko