On 04/07/2023 19:13, Kapetanakis Giannis wrote:
On 03/07/2023 19:18, Alexandr Nedvedicky wrote:
--------8<---------------8<---------------8<------------------8<--------
diff --git a/usr.sbin/relayd/pfe.c b/usr.sbin/relayd/pfe.c
index 3a97b749c4b..ad9c9cdc0cc 100644
--- a/usr.sbin/relayd/pfe.c
+++ b/usr.sbin/relayd/pfe.c
@@ -93,6 +93,7 @@ pfe_init(struct privsep *ps, struct privsep_proc
*p, void *arg)
void
pfe_shutdown(void)
{
+ pfe_disable_events();
flush_rulesets(env);
config_purge(env, CONFIG_ALL);
}
After adding this I got:
Jul 4 18:39:20 ll1 relayd[44353]: pfe: sync_table: cannot set address
list: No such process
Jul 4 18:39:20 ll1 relayd[89408]: parent: proc_dispatch:
msgbuf_write: Broken pipe
This was only the first time I did the restart.
I didn't get it another time, don't know if it's related to this
change or some other circumstance.
As far as the diff:
I was able to trigger it again, but this time when the patched relayd
was in BACKUP state (demoted).
I was trying to trigger it on the backup firewall...
I disabled dir1/dir2 hosts in both firewalls. I was expecting fw2 to
stop, but I saw fw1 stopping (the patched one).
Jul 4 19:07:51 ll1 relayd[17501]: pfe: check_table: cannot get table
stats for dir-lmtp@relayd/dir-lmtp: No such file or directory
G
additional note:
dir-lmtp is the only redirect that has 2 listen directives. Don't know
if this is related.
redirect dir-lmtp {
listen on $dir_addr port 24
listen on $imap_vip port 24 interface $imap_if
pftag RELAYD_dir
sticky-address
forward to <dir_> port 24 mode least-states check icmp demote 0relay
session timeout 4200
}
one is for actual job and other is for external checks (nagios/zabbix).
G
