Flow monitoring with PF

Stefan Esser se at freebsd.org
Wed Jun 12 10:10:54 UTC 2013


On 12.06.2013 02:17, Scott, Brian wrote:
>> I was looking at trying out flow monitoring and I found pfflowd, but unfortunately it does not work with FreeBSD >9.0. I thought about ng_netflow but that doesn't see my tun interface which may be related to..
>> WARNING: attempt to domain_add(netgraph) after domainfinalize()
> 
> Noise message. I've never seen it actually mean anything.

This message indicates a possible problem (leading to panics under
specific circumstances). I proposed a patch to fix the panic, but
was reluctant to commit it, because I knew the patch was not complete
(and I was working toward a better solution).

It was then taken by somebody who ignored the problems with the patch
and committed against my advice. That's when I stopped working on a
real fix - the committer of my (incomplete) patch owns the problem
now (and is not active anymore, AFAICT).

The problem is that when registering a network domain after the kernel
has been running (e.g. when loading Netgraph as a kernel module),
data structures in the kernel need to be adjusted. AFAICR, it works
as long as only one new network domain is loaded (e.g. Netgraph),
but may fail if another one is loaded thereafter (this used to be
triggered by ISDN, which had its own network domain but is history,
now).

Sorry for having nothing to add on the subject of this thread ...

Regards, STefan

