pftop bugs? rnr does not work, states shown as * or 0

luckman212

I've been debugging some stuff with limiters and am trying to use pftop to see rule hits in realtime, but seem to be hitting some weird issues...

I'm on 22.05 but observed similar behavior on 2.5, 22.01 etc.

A few of the things I noticed...

• in rules view, states is always printing * or 0 even when I am sure there are established states for those rules
• trying to use the rnr primitive to filter states created by a specific rule just does not seem to work at all
• in long view I'm seeing LAN IPs show up in the GW column which seems incorrect to me
• the backspace key doesn't work when editing the filter, you can only use ctrl-H

I noticed pftop seems to have been dormant for a while and just a couple of days ago got a new maintainer? (grembo) https://www.freshports.org/sysutils/pftop

Anyone else having problems like this or know what I'm doing wrong? Any of it related to https://redmine.pfsense.org/issues/13155?

luckman212

I found the issue with the BACKSPACE key not working, and compiled a test build of pftop that I tested and does fix the problem on my system. But I'm confused about how to start working on getting this fixed. Not sure about who the maintainer is, and where the source code actually originates—FreshPorts, git... svn(??) or pfsense/FreeBSD-src—it's over my head.

I believe at this moment in time, github/grembo may be the maintainer? Or perhaps it's still github/araujobsd? @jimp can you provide any guidance on this?

as a start, I opened a PR on GitHub... and redmine #13251

jimp

FreshPorts usually has a friendly view of the most recent data. It would be in FreeBSD's git repo for the ports tree and not svn.

Normally you'd work directly with the upstream project to get things fixed up, then once they have a release, you'd work with the maintainer to get it into the ports tree. Once it's in the ports tree we can pick it up during our next update or if it's a significant problem we can pick it back.

luckman212

@jimp Thanks. I will try to track this down upstream and not bother you guys with it unless or until it's ready.

On a related note: when I copied my custom build over to my 6100, when switching to the rules tab I got Error Reading Anchor / (DIOCGETRULES): Permission denied. Searching didn't reveal much other than this 6 year old thread. I guess I need to figure out how to build a proper development environment if I want to have any hope of properly testing/fixing. Is this something that there is some documentation on somewhere? I couldn't find it.

jimp

You'll get errors like that in a lot of cases because the pf on the system you built on does not match the pf on the target system. They use different versions, data structures, kernel ABI, etc. Especially if you went from stock FreeBSD to pfSense.

luckman212

I created a small tool luckman212/stv to help make it a little easier to debug states. In case it's useful to anyone else.

luckman212

Some good news, grembo merged my PR and updated pftop to 0.8 which will show up soon. So that makes the backspace less of a problem for some people.

He also said he might be looking into the other bugs I mentioned over the coming weeks. Fingers crossed!

luckman212

Note: simply changing the terminal settings to send ^H instead of BKSP is not a universal fix.

For example, when I did this (iTerm2) I noticed that when ssh'ing to a new host and getting the prompt to accept/reject host keys, I can no longer backspace properly. Instead of deleting, it prints the literal ^H