From antoine@madhouse.dreadbsd.org  Mon Oct 31 12:57:31 2005
Return-Path: <antoine@madhouse.dreadbsd.org>
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 9DF9916A41F
	for <FreeBSD-gnats-submit@freebsd.org>; Mon, 31 Oct 2005 12:57:31 +0000 (GMT)
	(envelope-from antoine@madhouse.dreadbsd.org)
Received: from barton.dreadbsd.org (madhouse.dreadbsd.org [82.67.196.50])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 7CDC143D66
	for <FreeBSD-gnats-submit@freebsd.org>; Mon, 31 Oct 2005 12:57:26 +0000 (GMT)
	(envelope-from antoine@madhouse.dreadbsd.org)
Received: from barton.dreadbsd.org (localhost [127.0.0.1])
	by barton.dreadbsd.org (8.13.4/8.13.4) with ESMTP id j9VCvPW9030634
	for <FreeBSD-gnats-submit@freebsd.org>; Mon, 31 Oct 2005 13:57:25 +0100 (CET)
	(envelope-from antoine@madhouse.dreadbsd.org)
Received: (from antoine@localhost)
	by barton.dreadbsd.org (8.13.4/8.13.1/Submit) id j9VCvOQc030633;
	Mon, 31 Oct 2005 13:57:25 +0100 (CET)
	(envelope-from antoine)
Message-Id: <200510311257.j9VCvOQc030633@barton.dreadbsd.org>
Date: Mon, 31 Oct 2005 13:57:25 +0100 (CET)
From: Antoine Brodin <antoine.brodin@laposte.net>
Reply-To: Antoine Brodin <antoine.brodin@laposte.net>
To: FreeBSD-gnats-submit@freebsd.org
Cc:
Subject: [pf] [patch] pf.ko from buildkernel can't log in -current
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         88271
>Category:       kern
>Synopsis:       [pf] [patch] pf.ko from buildkernel can't log in -current
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Mon Oct 31 13:00:28 GMT 2005
>Closed-Date:    Sun Feb 05 22:39:24 GMT 2006
>Last-Modified:  Sun Feb 05 22:39:24 GMT 2006
>Originator:     Antoine Brodin
>Release:        FreeBSD 7.0-CURRENT i386
>Organization:
none
>Environment:
System: FreeBSD barton.dreadbsd.org 7.0-CURRENT FreeBSD 7.0-CURRENT #2: Mon Oct 31 10:38:59 CET 2005 antoine@barton.dreadbsd.org:/usr/obj/usr/src/sys/BARTON i386
>Description:
I already sent a description to freebsd-pf@ :
http://docs.freebsd.org/cgi/mid.cgi?20051030195002.5075e2fd.antoine.brodin
http://docs.freebsd.org/cgi/mid.cgi?20051031110115.72765f11.antoine.brodin

There's a problem with revision 1.8 of sys/modules/pf/Makefile :

pf says it logs packets :
%%%
# pfctl -sr -v | grep -A1 log
...
block return-rst log inet proto tcp all
  [ Evaluations: 847       Packets: 8         Bytes: 408         States: 0     ]
block return-icmp(port-unr) log inet proto udp all
  [ Evaluations: 847       Packets: 58        Bytes: 27811       States: 0     ]
...
%%%

but /var/log/pflog stays empty.

/usr/obj/usr/src/sys/BARTON/modules/usr/src/sys/modules/pf/opt_pf.h is a
symlink to /usr/obj/usr/src/sys/BARTON/opt_pf.h which is empty so that's
why I say it's related to revision 1.8 of sys/modules/pf/Makefile.
>How-To-Repeat:
Load pf.ko build during buildkernel, enable pf et pflog in rc.conf with
rules that log and watch /var/log/pflog.
>Fix:
The attached patch solves the problem :

--- pf.diff begins here ---
Index: sys/modules/pf/Makefile
===================================================================
RCS file: /home/ncvs/src/sys/modules/pf/Makefile,v
retrieving revision 1.8
diff -u -r1.8 Makefile
--- sys/modules/pf/Makefile	14 Oct 2005 23:30:14 -0000	1.8
+++ sys/modules/pf/Makefile	31 Oct 2005 09:34:57 -0000
@@ -12,11 +12,11 @@
 
 CFLAGS+=  -I${.CURDIR}/../../contrib/pf
 
-.if !defined(KERNBUILDDIR)
 opt_pf.h:
 	echo "#define DEV_PF 1" > opt_pf.h
 	echo "#define DEV_PFLOG 1" >> opt_pf.h
 
+.if !defined(KERNBUILDDIR)
 opt_inet.h:
 	echo "#define INET 1" > opt_inet.h
 
--- pf.diff ends here ---


>Release-Note:
>Audit-Trail:

From: Yar Tikhiy <yar@comp.chem.msu.su>
To: bug-followup@FreeBSD.org, antoine.brodin@laposte.net
Cc:  
Subject: Re: kern/88271: [pf] [patch] pf.ko from buildkernel can't log in -current
Date: Fri, 4 Nov 2005 17:15:24 +0300

 This problem should be fixed by making seperate modules for pf and
 pflog.  The patch proposed just reverts to the old poor behavior of
 ignoring the real kernel option files in favor of the fake ones.
 
 -- 
 Yar
State-Changed-From-To: open->closed 
State-Changed-By: mlaier 
State-Changed-When: Sun Feb 5 22:38:35 UTC 2006 
State-Changed-Why:  
Fixed by making pflog a separate module. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=88271 
>Unformatted:
