I pulled on the patch string yesterday and am now regretting it...
(an Oracle 10 patch we are about to apply required a newer patch...)
I installed the latest patch cluster for Solaris 10 SPARC
on a Sol10 u2 based system we hadn't patched for a while (well, a
coupla years!).
This went ok, but upon reboot, my locally compiled (and previously functioning
perfectly) ip_fil4.1.31 / pfil2.1.13 failed to load due to stacks
of unresolved symbols. Ok, new kernel, network stack has obvioulsy changed
lots...
Ok, so then I decided to try to rebuild pfil/ipf under this
newly patched system, and quickly found that pfil doesn't build
so abandoned that.
-----
$ make CC=gcc
i=`uname -s`; case $i in HP-UX) make hpux;; *) make $i;; esac
make SunOS64
(cd SunOS; make pfil "BITS=32" OS=solaris DO=pfil "ADEF=-I.. -I. -D_KERNEL
-DSUNDDI -DSOLARIS2="`uname -r | sed -e 's/[0-9]*\.\([0-9]*\).*/\1/'`"
-DPFILDEBUG")
gcc -I.. -I. -D_KERNEL -DSUNDDI -DSOLARIS2=10 -DPFILDEBUG -c qif.c -o qif.o
qif.c:216:37: error: macro "ILL_START_WALK_ALL" requires 2 arguments, but
only 1 given
qif.c: In function 'q_to_ill':
qif.c:216: error: 'ILL_START_WALK_ALL' undeclared (first use in this function)
qif.c:216: error: (Each undeclared identifier is reported only once
qif.c:216: error: for each function it appears in.)
qif.c: In function 'qif_ire_walker':
qif.c:271: error: 'ire_t' has no member named 'ire_fp_mp'
qif.c: In function 'qif_attach':
qif.c:367: error: too few arguments to function 'ire_walk'
qif.c: In function 'qif_illrouteto':
qif.c:1023: error: too few arguments to function 'ire_route_lookup'
*** Error code 1
make: Fatal error: Command failed for target `qif.o'
-----
Ok, obviously this new pfil needs some work for this version of Sol10 yet.
So, I decided to reinstall Sun's supported IPF to give that another chance.
As it wasn't installed during the patch cluster install (and for some
reason I didn't want to totally reinstall and repatch the entire system),
I pkgadd'd SUNWipfr and SUNWipfu from the original u2 distribution
and then pkgadd'd each patch for these packages from the patch cluster,
in the order that the patch cluster packages was applied ...
(from patch_order)
This semeed to work ok, except that at the end, pfil was nowhere
to be seen, as patch 120011-14 has eradicated it.
(look for the word 'deleted' in this patch's README)
I redid the installs to be sure... SUNWipfr was patched in these:
119042-11
118833-36
125503-02
120011-14
but pfil disappeared in 120011-14
Ok, so thinking that pfil may no longer be required, I enabled
ipfilter using this:
svcadm enable svc:/network/ipfilter:default
but it went straight to maintenance state complaining that pfil wasn't found.
Perusing /var/svc/log/network-ipfilter:default.log:
[ Oct 22 00:34:14 Executing start method ("/lib/svc/method/ipfilter start")
]
/lib/svc/method/ipfilter: /usr/sbin/pfild: not found
open of /dev/pfil failed: No such file or directory
pfil not available to support ipfilter
[ Oct 22 00:34:14 Method "start" exited with status 96 ]
WTF? Is this an error in the patch or has something fundamentlly changed?
FWIW its a Sun Fire V100 I did these test upgrades on.
Ian D
