pf and pflog refuse to work after the system update

[w1k0]

I use FreeBSD 7.2 with CUSTOM variant of GENERIC kernel. I added to my kernel a few of ALTQ options required by pf.

After the update of the system I encountered some problems with pf...

Here are my ALTQ options:

options         ALTQ
options         ALTQ_CBQ                # Class Bases Queuing (CBQ)
options         ALTQ_RED                # Random Early Detection (RED)
options         ALTQ_RIO                # RED In/Out
options         ALTQ_HFSC               # Hierarchical Packet Scheduler (HFSC)
options         ALTQ_PRIQ               # Priority Queuing (PRIQ)
options         ALTQ_NOPCC              # Required for SMP build

Here are my upadte logs:

# freebsd-update fetch

Looking up update.FreeBSD.org mirrors... 3 mirrors found.
Fetching public key from update5.FreeBSD.org... done.
Fetching metadata signature for 7.2-RELEASE from update5.FreeBSD.org... done.
Fetching metadata index... done.
Fetching 2 metadata files... done.
Inspecting system... done.
Preparing to download files... done.
Fetching 29 patches.....10....20.... done.
Applying patches... done.
Fetching 6 files... done.

The following files will be updated as part of updating to 7.2-RELEASE-p3:
/boot/kernel/if_bce.ko
/boot/kernel/if_bce.ko.symbols
/boot/kernel/if_fxp.ko
/boot/kernel/if_fxp.ko.symbols
/boot/kernel/kernel
/boot/kernel/kernel.symbols
/lib/libc.so.7
/lib/libthr.so.3
/rescue/[
/rescue/atacontrol
/rescue/atmconfig
/rescue/badsect
/rescue/bsdlabel
/rescue/bunzip2
/rescue/bzcat
/rescue/bzip2
/rescue/camcontrol
/rescue/cat
/rescue/ccdconfig
/rescue/chflags
/rescue/chio
/rescue/chmod
/rescue/chroot
/rescue/clri
/rescue/cp
/rescue/csh
/rescue/date
/rescue/dd
/rescue/devfs
/rescue/df
/rescue/dhclient
/rescue/disklabel
/rescue/dmesg
/rescue/dump
/rescue/dumpfs
/rescue/dumpon
/rescue/echo
/rescue/ed
/rescue/ex
/rescue/expr
/rescue/fastboot
/rescue/fasthalt
/rescue/fdisk
/rescue/fsck
/rescue/fsck_4.2bsd
/rescue/fsck_ffs
/rescue/fsck_msdosfs
/rescue/fsck_ufs
/rescue/fsdb
/rescue/fsirand
/rescue/gbde
/rescue/getfacl
/rescue/groups
/rescue/gunzip
/rescue/gzcat
/rescue/gzip
/rescue/halt
/rescue/hostname
/rescue/id
/rescue/ifconfig
/rescue/init
/rescue/ipf
/rescue/kenv
/rescue/kill
/rescue/kldconfig
/rescue/kldload
/rescue/kldstat
/rescue/kldunload
/rescue/ldconfig
/rescue/link
/rescue/ln
/rescue/ls
/rescue/md5
/rescue/mdconfig
/rescue/mdmfs
/rescue/mkdir
/rescue/mknod
/rescue/mount
/rescue/mount_cd9660
/rescue/mount_msdosfs
/rescue/mount_nfs
/rescue/mount_ntfs
/rescue/mount_nullfs
/rescue/mount_udf
/rescue/mount_unionfs
/rescue/mv
/rescue/newfs
/rescue/newfs_msdos
/rescue/nos-tun
/rescue/pax
/rescue/ping
/rescue/ping6
/rescue/ps
/rescue/pwd
/rescue/rcorder
/rescue/rcp
/rescue/rdump
/rescue/realpath
/rescue/reboot
/rescue/red
/rescue/rescue
/rescue/restore
/rescue/rm
/rescue/rmdir
/rescue/route
/rescue/routed
/rescue/rrestore
/rescue/rtquery
/rescue/rtsol
/rescue/savecore
/rescue/sconfig
/rescue/setfacl
/rescue/sh
/rescue/slattach
/rescue/spppcontrol
/rescue/startslip
/rescue/stty
/rescue/swapon
/rescue/sync
/rescue/sysctl
/rescue/tar
/rescue/tcsh
/rescue/test
/rescue/tunefs
/rescue/umount
/rescue/unlink
/rescue/vi
/rescue/whoami
/rescue/zcat
/sbin/devd
/sbin/init
/usr/bin/ar
/usr/bin/as
/usr/bin/cc
/usr/bin/gcc
/usr/bin/ld
/usr/bin/make
/usr/bin/ranlib
/usr/lib/libc.a
/usr/lib/libc_p.a
/usr/lib/libc_pic.a
/usr/lib/libkse.so.3
/usr/libexec/cc1
/usr/libexec/cc1obj
/usr/libexec/cc1plus
/usr/sbin/lwresd
/usr/sbin/named
/usr/sbin/nologin
/usr/sbin/ntpd
/usr/src/contrib/bind9/bin/named/update.c
/usr/src/contrib/ntp/ntpd/ntp_crypto.c
/usr/src/lib/libc/stdlib/malloc.c
/usr/src/sys/conf/newvers.sh
/usr/src/sys/dev/bce/if_bce.c
/usr/src/sys/dev/fxp/if_fxp.c
/usr/src/sys/kern/sys_pipe.c
/usr/src/sys/netinet6/in6.c

# freebsd-update install

Installing updates... done.

Before the update I saw during the boot procedures these messages:

Starting pflog.
pflog0: promiscuous mode enabled
Enabling pf.
Sep 25 22:48:45 pflogd[314]: [priv]: msg PRIV_OPEN_LOG received
pf enabled

After the update I see during the boot procedures these messages:

link_elf: symbol altq_disable undefined
KLD pflog.ko: depends on pf - not available
kldload: can't load pflog: No such file or directory
/etc/rc: WARNING: Unable to load kernel module pflog
link_elf: symbol altq_disable undefined
kldload: can't load pf: No such file or directory
/etc/rc: WARNING: Unable to load kernel module pf

Modules pf and pflog are still in the same place:

# cd /boot/kernel
# ls pf*

pf.ko
pf.ko.symbols
pflog.ko
pflog.ko.symbols

So I have two questions:

* Assuming that pf isn’t loaded during the boot procedures is it safe to connect my FreeBSD box to Internet before repairing the system (I ask that question from within Linux box)?

* What should I do to restore the valid work of pf and pflog modules?

 

[w1k0]

I omitted above some information. I built my CUSTOM kernel with embedded a few ALTQ options but without pf and pflog because both those modules worked out of the box. Now it seems they stopped to work.

 

[anomie]

Just FYI: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/updating-upgrading-freebsdupdate.html

The freebsd-update utility can automatically update the GENERIC kernel only. If a custom kernel is in use, it will have to be rebuilt and reinstalled after freebsd-update finishes installing the rest of the updates. However, freebsd-update will detect and update the GENERIC kernel in /boot/GENERIC (if it exists), even if it is not the current (running) kernel of the system.

 

[w1k0]

Thank you -- I didn't read it. Now I recompiled kernel and everything works well.

 

[y2s82]

I still have trouble with pf/pflog after freebsd-update

I can't figure out what to do.
Every time I use freebsd-update fetch, it lists components to update to freebsd 8.0-p2. So then I would freebsd-update install.
The thing is, once that happens, pf and pflog kernel modules would not run from rc.conf, giving errors "no such file or directory" in dmesg -a.
Even if I try to load them manually using kldload, same thing.

When I then simply go to /usr/src and run make kernel KERNCONF=KERNEL.NAME.HERE which i used to build a custom kernel with pf in it, pf and pflog works; the catch here, though, is that i apparently then go back to the previous version of freebsd: when i run freebsd-update fetch again, it again lists the updates for 8.0-p2. I do the update and, well, you can go back to the top of this post for what happens next.

So what do I do now? How can I use pf? Is there a conflict between the new version of kernel and pf?

 

[SirDice]

Configure freebsd-update to also update your source tree in /usr/src/.

 

[y2s82]

My freebsd-update.conf has the default Component line:
Components src world kernel
Should I add /usr/src at the end of this line? I assumed src would update the source code in /usr/src...

 

[DutchDaemon]

Your assumption is correct. Make sure you read post #3 again. Generic and custom kernels can happily co-exist using freebsd-update. The generic kernel will be updated automatically (if it's in /boot/GENERIC), but you'll have to rebuild your custom kernel (in /boot/kernel) yourself.

 

[y2s82]

But then why does my custom kernel keep using src from previous version?
(see post#5)
And why am i having trouble kldload-ing the pf module after update to 8.0-p2? Is this normal?

 

[DutchDaemon]

I have no idea (I don't use freebsd-update), but you could try

StrictComponents yes

which might force a freebsd-update to get everything strictly in sync with the version you're updating to. If that's what this option is for.