Network simulation using jails & vimage
jim at sifferle.net
jim at sifferle.net
Fri Mar 5 19:16:05 UTC 2010
On February 23, 2010 at 10:11 AM "Ermal Luçi" <eri at freebsd.org> wrote:
> On Sun, Feb 21, 2010 at 6:14 PM, Julian Elischer <julian at elischer.org>wrote:
>
> > Bjoern A. Zeeb wrote:
> >
> >> On Sun, 21 Feb 2010, Julian Elischer wrote:
> >>
> >> Hi,
> >>
> >> Jim Sifferle wrote:
> >>>
> >>>> Hi,
> >>>>
> >>>> Does any FreeBSD branch / vimage release combination support separate pf
> >>>> AND ipfw configurations per jail? I need ipfw+pf/altq for HFSC queuing
> >>>
> >>> -current (9) should be close, with patches for pf supplied by ceri.
> >>
> >> s,ceri,eri, (Ermal Luçi)
> >
> > it'd be nice if itcould get committed
> >
> > Ermal, is it ready?
> >
> It is usable look at http://svn.freebsd.org/base/user/eri/pf45/head/.
> For vnet pfsync/pflow/pflog needs some fixes still.
>
I just now had some time to put together a CURRENT box for testing. I'm getting
a 'Fatal trap 12: page fault while in kernel mode' whenever I boot with
pf_enable set to YES in rc.conf. Here's my current setup:
- FreeBSD CURRENT cvs snapshot as of 2/25/10, running AMD64 kernel
- GENERIC kernel compiled with ALTQ and VIMAGE options, invariants and witness
options disabled, plus Imunes patch for FreeBSD 8 RC3 available here:
http://imunes.net/imunes-8.0-RC3.diff
- pf loaded as module with very simple pass all pf.conf
- ipfw not loaded
The Fatal trap seems to occur when pfctl is run.
I am recompiling my kernel with all debugging options turned on. Hopefully I
can get a good kernel dump. I will also try with fresh kernel sources skipping
the Imunes patch. Anything else I should try?
Thanks for your help,
Jim
More information about the freebsd-pf
mailing list