NetBSD Problem Report #26265

Received: (qmail 7217 invoked by uid 605); 12 Jul 2004 16:47:11 -0000
Message-Id: <200407121358.i6CDwLu00419@hardknottpass.estiria.net>
Date: Mon, 12 Jul 2004 09:58:21 -0400 (EDT)
From: danielfdickinson@yahoo.ca
Sender: gnats-bugs-owner@NetBSD.org
Reply-To: danielfdickinson@yahoo.ca
To: gnats-bugs@gnats.netbsd.org
Subject: ipmon fails to start with ioctl(FIONREAD) Operation not ..., when there is no dns available 
X-Send-Pr-Version: 3.95

>Number:         26265
>Category:       bin
>Synopsis:       ipmon fails to start with ioctl(FIONREAD) Operation not supported, when started before dns is available
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    ipf-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Mon Jul 12 16:48:00 +0000 2004
>Closed-Date:    
>Last-Modified:  Sat Dec 17 04:30:02 +0000 2011
>Originator:     
>Release:        NetBSD 1.6.2
>Organization:

>Environment:


System: NetBSD hardknottpass.estiria.net 1.6.2 NetBSD 1.6.2 (GENERIC) #0: Tue Feb 10 21:53:10 UTC 2004 autobuild@tgm.netbsd.org:/autobuild/netbsd-1-6-PATCH002/i386/OBJ/autobuild/netbsd-1-6-PATCH002/src/sys/arch/i386/compile/GENERIC i386
Architecture: i386
Machine: i386
>Description:
	ipmon fails to log packets, giving error message ioctl(FIONREAD) Operation not supported by devices when started before dns is available and the -n switch is used.


>How-To-Repeat:
	1) configure named to serve the local network (and host machine) 
	2) configure resolv.conf so that only this dns server is queried
	3) enable ipmon in rc.conf
	4) set up a simple ipf ruleset that passes and logs everything
	5) enable ipfilter in rc.conf
	6) reboot: ipmon will appear to start, but later in the boot the error message mentioned above will appear, and no packets will be logged

>Fix:

         replace the /etc/rc.d/ipmon with /etc/rc.d/ipmon-nodns and /etc/rc.d/ipmon-dns (see below for samples)

#!/bin/sh
#
# SAMPLE /etc/rc.d/ipmon-nodns
#

# PROVIDE: ipmon-nodns
# REQUIRE: syslogd
# BEFORE:  SERVERS

. /etc/rc.subr

name="ipmon"
rcvar=$name
command="/usr/sbin/${name}"
ipmon_flags_named=$ipmon_flags
ipmon_flags="-Ds"
command_args=""

load_rc_config $name
run_rc_command "$1"

ipmon_flags=$ipmon_flags_named

#
# End of sample /etc/rc.d/ipmon-nodns
#


#!/bin/sh
#
# SAMPLE /etc/rc.d/ipmon-dns
#

# PROVIDE: ipmon-name
# REQUIRE: syslogd named
# BEFORE:  LOGIN

. /etc/rc.subr

name="ipmon"
rcvar=$name
command="/usr/sbin/${name}"
command_args=""

load_rc_config $name
run_rc_command "$1"
#
# END OF SAMPLE /etc/rc.d/ipmon-dns

Obviously a more general solution is needed (replace named with dns? and ipmon_flags with ipmon_dns_flags and ipmon_nodns_flags?)

HTH

Daniel
>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: bin-bug-people->ipf-bug-people
Responsible-Changed-By: darrenr@NetBSD.org
Responsible-Changed-When: Thu, 01 Jan 2009 04:20:20 +0000
Responsible-Changed-Why:


State-Changed-From-To: open->closed
State-Changed-By: darrenr@NetBSD.org
State-Changed-When: Tue, 13 Dec 2011 23:37:25 +0000
State-Changed-Why:
this is not an ipfilter problem per-se, it is an rc.d problem with
ordering to ensure that ipfilter is started and enabled before starting
ipmon. if the rc.d dependencies don't allow for that to be specified then
there is the problem.


State-Changed-From-To: closed->open
State-Changed-By: dholland@NetBSD.org
State-Changed-When: Wed, 14 Dec 2011 12:31:29 +0000
State-Changed-Why:
If that is the problem, then it's not fixed!


From: David Holland <dholland-bugs@netbsd.org>
To: gnats-bugs@netbsd.org
Cc: 
Subject: Re: bin/26265: ipmon fails to start with ioctl(FIONREAD) Operation
 not supported, when started before dns is available
Date: Sat, 17 Dec 2011 04:28:59 +0000

 (not sent to gnats, use gnats-bugs for PR traffic)

    ------

 From: Darren Reed <darrenr@NetBSD.org>
 To: gnats@netbsd.org
 Subject: bin/26265
 Date: Tue, 13 Dec 2011 23:36:29 +0000 (UTC)


 The error from FIONREAD is not because of dns not being present,
 it is because ipfilter in the kernel is not yet ready. this suggests
 that there is a race between the ipmon service starting and ipfilter
 in the kernel being enabled - is ipfilter enabled in rc.conf, for
 example?
 personally, i cannot reproduce this so i'm going to close it.

>Unformatted:

Home	PR Database Search