port-cobalt: starting ipfilter in 1.6

Subject: starting ipfilter in 1.6
To: None <port-cobalt@netbsd.org>
From: Byron Servies <bservies@pacang.com>
List: port-cobalt
Date: 01/20/2003 22:12:26
--lrZ03NoBR/3+SXJZ
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

Hi there!

I use a qube2 running 1.5.2 as my gateway/firewall.  This
weekend I decided to try and upgrade the machine to 1.6,
since I have been running that on another qube2 with
success.  I had been running GENERIC, however, and not
a kernel with GATEWAY and the ipfilter psuedo device
turned on.

In short, the device is not available.  I suspect that
the mfs overwriting /dev due to the console not being
available, but I admit I may be way off base there.

Has anybody run ipfilter on a qube2 under 1.6?

I have attached the diff between GENERIC and the kernel
config I am using, as well as a boot log.  I have tried
a number of variations, including lkm, without success
(the lkm device is not found so modload will not work,
even after the kernel has booted completely).

Thanks,

Byron

--lrZ03NoBR/3+SXJZ
Content-Type: text/plain; charset=us-ascii
Content-Disposition: attachment; filename="generic-fw.diff"

92c92
< #options 	GATEWAY		# IP packet forwarding
---
> options 	GATEWAY		# IP packet forwarding
122c122
< config		netbsd	root on ? type ?
---
> config		netbsd	root on ? type nfs
254c254
< #pseudo-device	ipfilter			# IP filter (firewall) and NAT
---
> pseudo-device	ipfilter			# IP filter (firewall) and NAT

--lrZ03NoBR/3+SXJZ
Content-Type: text/plain; charset=us-ascii
Content-Disposition: attachment; filename="generic-fw.log"

Cobalt Microserver Diagnostics - 'We serve it, you surf it'
Built Wed Mar  3 21:26:25 PST 1999

 1.LCD Test................................PASS
 2.Controller Test.........................PASS
 5.Bank 0:.................................64M
 6.Bank 1:.................................64M
 7.Bank 2:.................................16M
 8.Bank 3:.................................0M
 9.Serial Test.............................PASS
10.PCI Expansion Slot....................**Unknown Card**
12.IDE Test................................PASS
13.Ethernet Test...........................PASS
16.RTC Test................................PASS
Decompressing -\|/-\|/-\|/-\| done
Decompressing -/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\ done.
 [ no symbols available ]
Copyright (c) 1996, 1997, 1998, 1999, 2000, 2001, 2002
    The NetBSD Foundation, Inc.  All rights reserved.
Copyright (c) 1982, 1986, 1989, 1991, 1993
    The Regents of the University of California.  All rights reserved.

NetBSD 1.6_STABLE (GENERIC-FW) #1: Mon Jan 20 16:49:18 PST 2003
    root@owl.central:/usr/src/sys/arch/cobalt/compile/GENERIC-FW
144 MB memory, 130 MB free, 7472 KB in 1868 buffers
mainbus0 (root)
com0 at mainbus0 addr 0x1c800000 level 3: st16650a, working fifo
com0: console
cpu0 at mainbus0: QED RM5200 CPU (0x28a0) Rev. 10.0 with built-in FPU Rev. 10.0
cpu0: 32KB/32B 2-way set-associative L1 Instruction cache, 48 TLB entries
cpu0: 32KB/32B 2-way set-associative write-back L1 Data cache
gt0 at mainbus0 addr 0x14000000
pci0 at gt0
pci0: i/o space, memory space enabled, rd/line, wr/inv ok
pchb0 at pci0 dev 0 function 0: Galileo GT-64111 System Controller, rev 1
tlp0 at pci0 dev 7 function 0: DECchip 21143 Ethernet, pass 4.1
tlp0: interrupting at level 1
tlp0: Ethernet address 00:10:e0:00:3d:71
lxtphy0 at tlp0 phy 1: LXT970 10/100 media interface, rev. 3
lxtphy0: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto
pcib0 at pci0 dev 9 function 0
pcib0: VIA Technologies VT82C586 (Apollo VP) PCI-ISA Bridge, rev 39
pciide0 at pci0 dev 9 function 1: VIA Technologies VT82C586 (Apollo VP) ATA33 controller
pciide0: bus-master DMA support present
pciide0: primary channel configured to compatibility mode
wd0 at pciide0 channel 0 drive 0: <QUANTUM FIREBALL EX6.4A>
wd0: drive supports 16-sector PIO transfers, LBA addressing
wd0: 6149 MB, 13328 cyl, 15 head, 63 sec, 512 bytes/sect x 12594960 sectors
wd0: 32-bit data port
wd0: drive supports PIO mode 4, DMA mode 2, Ultra-DMA mode 2 (Ultra/33)
pciide0: primary channel interrupting at irq 14
wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 2 (Ultra/33) (using DMA data transfers)
pciide0: secondary channel configured to compatibility mode
pciide0: disabling secondary channel (no drives)
VIA Technologies VT83C572 USB Controller (USB serial bus, revision 0x02) at pci0 dev 9 function 2 not configured
ahc0 at pci0 dev 10 function 0
ahc0: interrupting at irq 9
ahc0: aic7859 Single Channel A, SCSI Id=7, 3/255 SCBs
scsibus0 at ahc0: 8 targets, 8 luns per target
tlp1 at pci0 dev 12 function 0: DECchip 21143 Ethernet, pass 4.1
tlp1: interrupting at level 2
tlp1: Ethernet address 00:10:e0:00:3d:8c
lxtphy1 at tlp1 phy 1: LXT970 10/100 media interface, rev. 3
lxtphy1: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto
scsibus0: waiting 2 seconds for devices to settle...
boot device: <unknown>
root on tlp0
nfs_boot: trying DHCP/BOOTP
nfs_boot: DHCP next-server: 10.8.6.66
nfs_boot: my_name=testqube
nfs_boot: my_domain=central
nfs_boot: my_addr=192.168.1.100
nfs_boot: my_mask=255.255.255.0
nfs_boot: gateway=192.168.1.1
root on 192.168.1.1:/exports/testqube-1.6/root
warning: no /dev/console
init: Creating mfs /dev
Mon Jan 20 18:21:36 UTC 2003
Starting file system checks:
Setting tty flags.
Enabling ipfilter.
open device: No such file or directory
SIOCFRENB: Bad file descriptor
open device: No such file or directory
ioctl(SIOCIPFFL): Bad file descriptor
open device: No such file or directory
28:ioctl(add/insert rule): Bad file descriptor
29:ioctl(add/insert rule): Bad file descriptor
	<snip more rules that do not load>
Setting sysctl variables:
Starting network.
Hostname: testqube
default              192.168.1.1          done
Configuring network interfaces:.
writing to routing socket: Network is unreachable
open device: No such file or directory
SIOCFRSYN: Bad file descriptor
Building databases...
kvm_mkdb: machdep.booted_kernel: the value is not available: No such file or directory
Starting syslogd.
Starting ipmon.
/dev/ipl: open: No such file or directory
Checking for core dump...
savecore: no core dump (no dumpdev)
Starting named.
Mounting all filesystems...
Clearing /tmp.
Installing NAT rules ... /dev/ipnat: open: No such file or directory
Checking quotas: done.
Setting securelevel: kern.securelevel: 0 -> 1
swapctl: adding 192.168.1.1:/exports/testqube-1.6/swap as swap device at priority 0
Starting virecover.
starting local daemons:.
Updating motd.
Starting ntpd.
Starting sshd.
Starting inetd.
Starting cron.
Mon Jan 20 18:21:55 UTC 2003

NetBSD/cobalt (testqube) (tty00)

login: 

--lrZ03NoBR/3+SXJZ--