tech-net: Re: ippool error (ipf v4.1.3)

Subject: Re: ippool error (ipf v4.1.3)
To: None <tech-net@netbsd.org>
From: None <yancm@sdf.lonestar.org>
List: tech-net
Date: 05/17/2006 21:26:53
To: tech-net@netbsd.org
cc/crosspost to: ipfilter@coombs.anu.edu.au

This is a follow up and cross post to a thread that I started on
the ipf(ilter) mailing list because most of my issues were
with (I thought) understanding ipf.

Now I believe that ippool functionality of ipf is broken on NetBSD...
Possibly all versions since 2.0? I found the following unanswered message
in the mail archives from last year:
http://mail-index.netbsd.org/current-users/2005/04/14/0007.html

It's safe and easy to test:
# ippool -l
[see manpage for ippool for details]

If you get an error message with 3+ and/or current that lends
credence to my concern...

I turned in a send-pr on fixing the missing device but somehow
there is more to the problem. [see misc/33504]

At this point just looking for confirmation this is broken or not.

> To follow up, I rebooted but this problem is still there.
>
> Do you know if ippool has ever been tested on NetBSD?
>
> I checked my kernel config file, but did not find any
> switches specifically for ippool.
>
> I do not have any ideas on how to fix it. 8-(
>
> Help please!?!?
>
> --gene
>
>> I created the node and submitted the bugfix via send-pr.
>>
>> Unfortunately I now get:
>> clarity 16 # ippool -f test.pool
>> load_pool:SIOCLOOKUPADDTABLE: Input/output error
>> clarity 17 # ippool -l
>> ioctl(SIOCLOOKUPSTAT): Input/output error
>
>>> I'm using NetBSD 2.1_Stable
>>>> ipf V4.1.3
>>>>
>>>> ipf and ipnat are working fine...
>>>>
>>>> When I try to invoke ippool, I get the following error message:
>>>> ippool -l
>>>> open(IPLOOKUP_NAME): No such file or directory
>>>>
>>>> ippool -f test.pool gives same error message.
>>>>
>>>> I notice that there is no /dev/iplookup
>>>>
>>>> In /dev , "./MAKEDEV iplookup" says:
>>>> ./MAKEDEV: iplookup: unknown device.
>>>
>>> Use send-pr and report the problem.
>>>
>>>> Is the error due to not having /dev/iplookup?
>>>
>>> Yes.
>>>
>>>> If so, how do I create this device?
>>>
>>> If you do "ls -al /dev/ipnat", you should see something like:
>>> crw-------  1 root  wheel  44, 1 May 15 07:08 /dev/ipnat
>>>
>>> do:
>>> mknod /dev/iplookup c 44 6