Created attachment 232853
pf.conf

on reboot, pf doesn't start from rc.conf phase. I'm assuming this is some malformed pf.conf on my side, but a line or rule # might help.

Enabling pfpfctl: DIOCADDRULENV: Invalid argument
/etc/rc: WARNING: Unable to load /etc/pf.conf.

pf.conf is attached:

# pfctl -vge -F all -f /etc/pf.conf
No ALTQ support in kernel
ALTQ related functions disabled
pfctl: pfctl_clear_eth_rules: Device busy

Seems to have broken between src commit aeb91e9 & 7d1ab86

a minimal test case is using pf.empty, literally an empty file:

# pfctl -vegf /etc/pf.empty
No ALTQ support in kernel
ALTQ related functions disabled
pfctl: pfctl_rules

# pfctl -F all
pfctl: pfctl_clear_eth_rules: Device busy

try this: https://people.freebsd.org/~mjg/pf-rules.diff

you need to build libpfctl, pfctl and the kernel

A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/src/commit/?id=c4a08ef2af6fe0b0d1b03f7ec4f20bed96de20e8

commit c4a08ef2af6fe0b0d1b03f7ec4f20bed96de20e8
Author:     Mateusz Guzik <mjg@FreeBSD.org>
AuthorDate: 2022-04-01 15:04:03 +0000
Commit:     Mateusz Guzik <mjg@FreeBSD.org>
CommitDate: 2022-04-01 18:01:48 +0000

    pf: handle duplicate rules gracefully

    Reviewed by:    kp
    Reported by:    dch
    PR:             262971
    Sponsored by:   Rubicon Communications, LLC ("Netgate")

 lib/libpfctl/libpfctl.c   |  2 ++
 sbin/pfctl/pfctl.c        | 19 +++++++++++++++++--
 sys/netpfil/pf/pf_ioctl.c |  5 +++--
 3 files changed, 22 insertions(+), 4 deletions(-)

provided testcase passes now for me, it also passes internal testing

please reopen if there are still issues