IFOCTL_DROPS: sysctl operation not supported

classic Classic list List threaded Threaded
12 messages Options
Reply | Threaded
Open this post in threaded view
|

IFOCTL_DROPS: sysctl operation not supported

Martijn van Duren-8
Found this one by because snmpd returns an invalid varbind on my laptop.
Doing some digging I found the following:
Error message:
mib_iftable: iwm0: invalid ifq: Operation not supported
mib_iftable: em0: invalid ifq: Operation not supported

sysctl mib:
{ CTL_NET, PF_INET, IPPROTO_IP, IPCTL_IFQUEUE, IFQCTL_DROPS };

file: usr.sbin/snmpd/mib.c:1198

I'll look at why snmpd returns an invalid packet later, but did anything
change in packet drop land that could've caused this?

martijn@

Reply | Threaded
Open this post in threaded view
|

Re: IFOCTL_DROPS: sysctl operation not supported

Stuart Henderson
On 2019/08/13 11:30, Martijn van Duren wrote:

> Found this one by because snmpd returns an invalid varbind on my laptop.
> Doing some digging I found the following:
> Error message:
> mib_iftable: iwm0: invalid ifq: Operation not supported
> mib_iftable: em0: invalid ifq: Operation not supported
>
> sysctl mib:
> { CTL_NET, PF_INET, IPPROTO_IP, IPCTL_IFQUEUE, IFQCTL_DROPS };
>
> file: usr.sbin/snmpd/mib.c:1198
>
> I'll look at why snmpd returns an invalid packet later, but did anything
> change in packet drop land that could've caused this?
>
> martijn@
>

Yes, the input queuing mechanism was changed, these are no longer used.

Reply | Threaded
Open this post in threaded view
|

Re: IFOCTL_DROPS: sysctl operation not supported

Stuart Henderson
On 2019/08/13 12:20, Stuart Henderson wrote:

> On 2019/08/13 11:30, Martijn van Duren wrote:
> > Found this one by because snmpd returns an invalid varbind on my laptop.
> > Doing some digging I found the following:
> > Error message:
> > mib_iftable: iwm0: invalid ifq: Operation not supported
> > mib_iftable: em0: invalid ifq: Operation not supported
> >
> > sysctl mib:
> > { CTL_NET, PF_INET, IPPROTO_IP, IPCTL_IFQUEUE, IFQCTL_DROPS };
> >
> > file: usr.sbin/snmpd/mib.c:1198
> >
> > I'll look at why snmpd returns an invalid packet later, but did anything
> > change in packet drop land that could've caused this?
> >
> > martijn@
> >
>
> Yes, the input queuing mechanism was changed, these are no longer used.
>

oops s/input/interface :)

Reply | Threaded
Open this post in threaded view
|

Re: IFOCTL_DROPS: sysctl operation not supported

Martijn van Duren-8


On 8/13/19 1:23 PM, Stuart Henderson wrote:

> On 2019/08/13 12:20, Stuart Henderson wrote:
>> On 2019/08/13 11:30, Martijn van Duren wrote:
>>> Found this one by because snmpd returns an invalid varbind on my laptop.
>>> Doing some digging I found the following:
>>> Error message:
>>> mib_iftable: iwm0: invalid ifq: Operation not supported
>>> mib_iftable: em0: invalid ifq: Operation not supported
>>>
>>> sysctl mib:
>>> { CTL_NET, PF_INET, IPPROTO_IP, IPCTL_IFQUEUE, IFQCTL_DROPS };
>>>
>>> file: usr.sbin/snmpd/mib.c:1198
>>>
>>> I'll look at why snmpd returns an invalid packet later, but did anything
>>> change in packet drop land that could've caused this?
>>>
>>> martijn@
>>>
>>
>> Yes, the input queuing mechanism was changed, these are no longer used.
>>
>
> oops s/input/interface :)
>
Does this mean we need to remove this mib from snmpd, or do we need to
invoke some other incantation?

Reply | Threaded
Open this post in threaded view
|

Re: IFOCTL_DROPS: sysctl operation not supported

Claudio Jeker-3
On Tue, Aug 13, 2019 at 01:27:44PM +0200, Martijn van Duren wrote:

>
>
> On 8/13/19 1:23 PM, Stuart Henderson wrote:
> > On 2019/08/13 12:20, Stuart Henderson wrote:
> >> On 2019/08/13 11:30, Martijn van Duren wrote:
> >>> Found this one by because snmpd returns an invalid varbind on my laptop.
> >>> Doing some digging I found the following:
> >>> Error message:
> >>> mib_iftable: iwm0: invalid ifq: Operation not supported
> >>> mib_iftable: em0: invalid ifq: Operation not supported
> >>>
> >>> sysctl mib:
> >>> { CTL_NET, PF_INET, IPPROTO_IP, IPCTL_IFQUEUE, IFQCTL_DROPS };
> >>>
> >>> file: usr.sbin/snmpd/mib.c:1198
> >>>
> >>> I'll look at why snmpd returns an invalid packet later, but did anything
> >>> change in packet drop land that could've caused this?
> >>>
> >>> martijn@
> >>>
> >>
> >> Yes, the input queuing mechanism was changed, these are no longer used.
> >>
> >
> > oops s/input/interface :)
> >
> Does this mean we need to remove this mib from snmpd, or do we need to
> invoke some other incantation?

Uhm wait, that is querying net.inet.ip.ifq.drops and yes, that is gone but
that has nothing todo with interface counters. What kind of mib value is that?

--
:wq Claudio

Reply | Threaded
Open this post in threaded view
|

Re: IFOCTL_DROPS: sysctl operation not supported

Martijn van Duren-8
On 8/13/19 1:40 PM, Claudio Jeker wrote:

> On Tue, Aug 13, 2019 at 01:27:44PM +0200, Martijn van Duren wrote:
>>
>>
>> On 8/13/19 1:23 PM, Stuart Henderson wrote:
>>> On 2019/08/13 12:20, Stuart Henderson wrote:
>>>> On 2019/08/13 11:30, Martijn van Duren wrote:
>>>>> Found this one by because snmpd returns an invalid varbind on my laptop.
>>>>> Doing some digging I found the following:
>>>>> Error message:
>>>>> mib_iftable: iwm0: invalid ifq: Operation not supported
>>>>> mib_iftable: em0: invalid ifq: Operation not supported
>>>>>
>>>>> sysctl mib:
>>>>> { CTL_NET, PF_INET, IPPROTO_IP, IPCTL_IFQUEUE, IFQCTL_DROPS };
>>>>>
>>>>> file: usr.sbin/snmpd/mib.c:1198
>>>>>
>>>>> I'll look at why snmpd returns an invalid packet later, but did anything
>>>>> change in packet drop land that could've caused this?
>>>>>
>>>>> martijn@
>>>>>
>>>>
>>>> Yes, the input queuing mechanism was changed, these are no longer used.
>>>>
>>>
>>> oops s/input/interface :)
>>>
>> Does this mean we need to remove this mib from snmpd, or do we need to
>> invoke some other incantation?
>
> Uhm wait, that is querying net.inet.ip.ifq.drops and yes, that is gone but
> that has nothing todo with interface counters. What kind of mib value is that?
>

That would be:
.iso.org.dod.internet.mgmt.mib_2.interfaces.ifTable.ifEntry.ifInDiscards

Reply | Threaded
Open this post in threaded view
|

Re: IFOCTL_DROPS: sysctl operation not supported

Stuart Henderson
On 2019/08/13 13:43, Martijn van Duren wrote:

> On 8/13/19 1:40 PM, Claudio Jeker wrote:
> > On Tue, Aug 13, 2019 at 01:27:44PM +0200, Martijn van Duren wrote:
> >>
> >>
> >> On 8/13/19 1:23 PM, Stuart Henderson wrote:
> >>> On 2019/08/13 12:20, Stuart Henderson wrote:
> >>>> On 2019/08/13 11:30, Martijn van Duren wrote:
> >>>>> Found this one by because snmpd returns an invalid varbind on my laptop.
> >>>>> Doing some digging I found the following:
> >>>>> Error message:
> >>>>> mib_iftable: iwm0: invalid ifq: Operation not supported
> >>>>> mib_iftable: em0: invalid ifq: Operation not supported
> >>>>>
> >>>>> sysctl mib:
> >>>>> { CTL_NET, PF_INET, IPPROTO_IP, IPCTL_IFQUEUE, IFQCTL_DROPS };
> >>>>>
> >>>>> file: usr.sbin/snmpd/mib.c:1198
> >>>>>
> >>>>> I'll look at why snmpd returns an invalid packet later, but did anything
> >>>>> change in packet drop land that could've caused this?
> >>>>>
> >>>>> martijn@
> >>>>>
> >>>>
> >>>> Yes, the input queuing mechanism was changed, these are no longer used.
> >>>>
> >>>
> >>> oops s/input/interface :)
> >>>
> >> Does this mean we need to remove this mib from snmpd, or do we need to
> >> invoke some other incantation?
> >
> > Uhm wait, that is querying net.inet.ip.ifq.drops and yes, that is gone but
> > that has nothing todo with interface counters. What kind of mib value is that?
> >
>
> That would be:
> .iso.org.dod.internet.mgmt.mib_2.interfaces.ifTable.ifEntry.ifInDiscards

Prior to this sysctl mib removal, the snmp mib was already returning bogus
information here.

It should be this:

 "The number of inbound packets which were chosen to be discarded even
though no errors had been detected to prevent their being deliverable
to a higher-layer protocol. One possible reason for discarding such a
packet could be to free up buffer space."

I think this should probably display the same as Idrop in
"netstat -I $interface -nd".

Reply | Threaded
Open this post in threaded view
|

Re: IFOCTL_DROPS: sysctl operation not supported

Claudio Jeker-3
In reply to this post by Martijn van Duren-8
On Tue, Aug 13, 2019 at 01:43:13PM +0200, Martijn van Duren wrote:

> On 8/13/19 1:40 PM, Claudio Jeker wrote:
> > On Tue, Aug 13, 2019 at 01:27:44PM +0200, Martijn van Duren wrote:
> >>
> >>
> >> On 8/13/19 1:23 PM, Stuart Henderson wrote:
> >>> On 2019/08/13 12:20, Stuart Henderson wrote:
> >>>> On 2019/08/13 11:30, Martijn van Duren wrote:
> >>>>> Found this one by because snmpd returns an invalid varbind on my laptop.
> >>>>> Doing some digging I found the following:
> >>>>> Error message:
> >>>>> mib_iftable: iwm0: invalid ifq: Operation not supported
> >>>>> mib_iftable: em0: invalid ifq: Operation not supported
> >>>>>
> >>>>> sysctl mib:
> >>>>> { CTL_NET, PF_INET, IPPROTO_IP, IPCTL_IFQUEUE, IFQCTL_DROPS };
> >>>>>
> >>>>> file: usr.sbin/snmpd/mib.c:1198
> >>>>>
> >>>>> I'll look at why snmpd returns an invalid packet later, but did anything
> >>>>> change in packet drop land that could've caused this?
> >>>>>
> >>>>> martijn@
> >>>>>
> >>>>
> >>>> Yes, the input queuing mechanism was changed, these are no longer used.
> >>>>
> >>>
> >>> oops s/input/interface :)
> >>>
> >> Does this mean we need to remove this mib from snmpd, or do we need to
> >> invoke some other incantation?
> >
> > Uhm wait, that is querying net.inet.ip.ifq.drops and yes, that is gone but
> > that has nothing todo with interface counters. What kind of mib value is that?
> >
>
> That would be:
> .iso.org.dod.internet.mgmt.mib_2.interfaces.ifTable.ifEntry.ifInDiscards

In that case you want to use ifi_iqdrops in struct if_data.
So maybe something like the appended diff could work.
Then there is also case 21 that gets net.inet.ip.ifq.len which needs to be
changed too.

--
:wq Claudio

Index: mib.c
===================================================================
RCS file: /cvs/src/usr.sbin/snmpd/mib.c,v
retrieving revision 1.94
diff -u -p -r1.94 mib.c
--- mib.c 28 Jun 2019 13:32:51 -0000 1.94
+++ mib.c 13 Aug 2019 11:47:29 -0000
@@ -1195,15 +1195,7 @@ mib_iftable(struct oid *oid, struct ber_
  ber_set_header(ber, BER_CLASS_APPLICATION, SNMP_T_COUNTER32);
  break;
  case 13:
- mib[3] = IPCTL_IFQUEUE;
- mib[4] = IFQCTL_DROPS;
- len = sizeof(ifq);
- if (sysctl(mib, sizeofa(mib), &ifq, &len, 0, 0) == -1) {
- log_info("mib_iftable: %s: invalid ifq: %s",
-    kif->if_name, strerror(errno));
- return (-1);
- }
- ber = ber_add_integer(ber, ifq);
+ ber = ber_add_integer(ber, (u_int32_t)kif->if_iqdrops);
  ber_set_header(ber, BER_CLASS_APPLICATION, SNMP_T_COUNTER32);
  break;
  case 14:

Reply | Threaded
Open this post in threaded view
|

Re: IFOCTL_DROPS: sysctl operation not supported

Martijn van Duren-8
On 8/13/19 1:50 PM, Claudio Jeker wrote:

> On Tue, Aug 13, 2019 at 01:43:13PM +0200, Martijn van Duren wrote:
>> On 8/13/19 1:40 PM, Claudio Jeker wrote:
>>> On Tue, Aug 13, 2019 at 01:27:44PM +0200, Martijn van Duren wrote:
>>>>
>>>>
>>>> On 8/13/19 1:23 PM, Stuart Henderson wrote:
>>>>> On 2019/08/13 12:20, Stuart Henderson wrote:
>>>>>> On 2019/08/13 11:30, Martijn van Duren wrote:
>>>>>>> Found this one by because snmpd returns an invalid varbind on my laptop.
>>>>>>> Doing some digging I found the following:
>>>>>>> Error message:
>>>>>>> mib_iftable: iwm0: invalid ifq: Operation not supported
>>>>>>> mib_iftable: em0: invalid ifq: Operation not supported
>>>>>>>
>>>>>>> sysctl mib:
>>>>>>> { CTL_NET, PF_INET, IPPROTO_IP, IPCTL_IFQUEUE, IFQCTL_DROPS };
>>>>>>>
>>>>>>> file: usr.sbin/snmpd/mib.c:1198
>>>>>>>
>>>>>>> I'll look at why snmpd returns an invalid packet later, but did anything
>>>>>>> change in packet drop land that could've caused this?
>>>>>>>
>>>>>>> martijn@
>>>>>>>
>>>>>>
>>>>>> Yes, the input queuing mechanism was changed, these are no longer used.
>>>>>>
>>>>>
>>>>> oops s/input/interface :)
>>>>>
>>>> Does this mean we need to remove this mib from snmpd, or do we need to
>>>> invoke some other incantation?
>>>
>>> Uhm wait, that is querying net.inet.ip.ifq.drops and yes, that is gone but
>>> that has nothing todo with interface counters. What kind of mib value is that?
>>>
>>
>> That would be:
>> .iso.org.dod.internet.mgmt.mib_2.interfaces.ifTable.ifEntry.ifInDiscards
>
> In that case you want to use ifi_iqdrops in struct if_data.
> So maybe something like the appended diff could work.
> Then there is also case 21 that gets net.inet.ip.ifq.len which needs to be
> changed too.
>
This diff is outside my area of expertise.
If that fixes the issue you have my blessing, but ENOCLUE.

Reply | Threaded
Open this post in threaded view
|

Re: IFOCTL_DROPS: sysctl operation not supported

Stuart Henderson
In reply to this post by Claudio Jeker-3
On 2019/08/13 13:50, Claudio Jeker wrote:
> In that case you want to use ifi_iqdrops in struct if_data.
> So maybe something like the appended diff could work.

OK sthen@ for this one.

> Then there is also case 21 that gets net.inet.ip.ifq.len which needs to be
> changed too.

I don't we have a good value to use here, besides that is deprecated in IF-MIB
anyway.

ifOutQLen OBJECT-TYPE
    SYNTAX      Gauge32
    MAX-ACCESS  read-only
    STATUS      deprecated
    DESCRIPTION
            "The length of the output packet queue (in packets)."
    ::= { ifEntry 21 }

I think this would be reasonable ..

--- mib.c- Tue Aug 13 13:28:03 2019
+++ mib.c Tue Aug 13 13:28:04 2019
@@ -1227,15 +1227,7 @@ mib_iftable(struct oid *oid, struct ber_oid *o, struct
  ber_set_header(ber, BER_CLASS_APPLICATION, SNMP_T_COUNTER32);
  break;
  case 21:
- mib[3] = IPCTL_IFQUEUE;
- mib[4] = IFQCTL_LEN;
- len = sizeof(ifq);
- if (sysctl(mib, sizeofa(mib), &ifq, &len, 0, 0) == -1) {
- log_info("mib_iftable: %s: invalid ifq: %s",
-    kif->if_name, strerror(errno));
- return (-1);
- }
- ber = ber_add_integer(ber, ifq);
+ ber = ber_add_integer(ber, 0);
  ber_set_header(ber, BER_CLASS_APPLICATION, SNMP_T_GAUGE32);
  break;
  case 22:




Reply | Threaded
Open this post in threaded view
|

Re: IFOCTL_DROPS: sysctl operation not supported

Stuart Henderson
On 2019/08/13 13:29, Stuart Henderson wrote:

> On 2019/08/13 13:50, Claudio Jeker wrote:
> > In that case you want to use ifi_iqdrops in struct if_data.
> > So maybe something like the appended diff could work.
>
> OK sthen@ for this one.
>
> > Then there is also case 21 that gets net.inet.ip.ifq.len which needs to be
> > changed too.
>
> I don't we have a good value to use here, besides that is deprecated in IF-MIB
> anyway.
>
> ifOutQLen OBJECT-TYPE
>     SYNTAX      Gauge32
>     MAX-ACCESS  read-only
>     STATUS      deprecated
>     DESCRIPTION
>             "The length of the output packet queue (in packets)."
>     ::= { ifEntry 21 }
>
> I think this would be reasonable ..

Actually mib/len are no longer needed, so:

--- mib.c- Tue Aug 13 13:28:03 2019
+++ mib.c Tue Aug 13 13:30:47 2019
@@ -1106,9 +1106,6 @@ mib_iftable(struct oid *oid, struct ber_oid *o, struct
  u_int32_t idx = 0;
  struct kif *kif;
  long long i;
- size_t len;
- int ifq;
- int mib[] = { CTL_NET, PF_INET, IPPROTO_IP, 0, 0 };
 
  /* Get and verify the current row index */
  idx = o->bo_id[OIDIDX_ifEntry];
@@ -1227,15 +1224,7 @@ mib_iftable(struct oid *oid, struct ber_oid *o, struct
  ber_set_header(ber, BER_CLASS_APPLICATION, SNMP_T_COUNTER32);
  break;
  case 21:
- mib[3] = IPCTL_IFQUEUE;
- mib[4] = IFQCTL_LEN;
- len = sizeof(ifq);
- if (sysctl(mib, sizeofa(mib), &ifq, &len, 0, 0) == -1) {
- log_info("mib_iftable: %s: invalid ifq: %s",
-    kif->if_name, strerror(errno));
- return (-1);
- }
- ber = ber_add_integer(ber, ifq);
+ ber = ber_add_integer(ber, 0);
  ber_set_header(ber, BER_CLASS_APPLICATION, SNMP_T_GAUGE32);
  break;
  case 22:

Reply | Threaded
Open this post in threaded view
|

Re: IFOCTL_DROPS: sysctl operation not supported

Claudio Jeker-3
On Tue, Aug 13, 2019 at 01:31:16PM +0100, Stuart Henderson wrote:

> On 2019/08/13 13:29, Stuart Henderson wrote:
> > On 2019/08/13 13:50, Claudio Jeker wrote:
> > > In that case you want to use ifi_iqdrops in struct if_data.
> > > So maybe something like the appended diff could work.
> >
> > OK sthen@ for this one.
> >
> > > Then there is also case 21 that gets net.inet.ip.ifq.len which needs to be
> > > changed too.
> >
> > I don't we have a good value to use here, besides that is deprecated in IF-MIB
> > anyway.
> >
> > ifOutQLen OBJECT-TYPE
> >     SYNTAX      Gauge32
> >     MAX-ACCESS  read-only
> >     STATUS      deprecated
> >     DESCRIPTION
> >             "The length of the output packet queue (in packets)."
> >     ::= { ifEntry 21 }
> >
> > I think this would be reasonable ..
>
> Actually mib/len are no longer needed, so:
>
> --- mib.c- Tue Aug 13 13:28:03 2019
> +++ mib.c Tue Aug 13 13:30:47 2019
> @@ -1106,9 +1106,6 @@ mib_iftable(struct oid *oid, struct ber_oid *o, struct
>   u_int32_t idx = 0;
>   struct kif *kif;
>   long long i;
> - size_t len;
> - int ifq;
> - int mib[] = { CTL_NET, PF_INET, IPPROTO_IP, 0, 0 };
>  
>   /* Get and verify the current row index */
>   idx = o->bo_id[OIDIDX_ifEntry];
> @@ -1227,15 +1224,7 @@ mib_iftable(struct oid *oid, struct ber_oid *o, struct
>   ber_set_header(ber, BER_CLASS_APPLICATION, SNMP_T_COUNTER32);
>   break;
>   case 21:
> - mib[3] = IPCTL_IFQUEUE;
> - mib[4] = IFQCTL_LEN;
> - len = sizeof(ifq);
> - if (sysctl(mib, sizeofa(mib), &ifq, &len, 0, 0) == -1) {
> - log_info("mib_iftable: %s: invalid ifq: %s",
> -    kif->if_name, strerror(errno));
> - return (-1);
> - }
> - ber = ber_add_integer(ber, ifq);
> + ber = ber_add_integer(ber, 0);
>   ber_set_header(ber, BER_CLASS_APPLICATION, SNMP_T_GAUGE32);
>   break;
>   case 22:
>

OK claudio@

--
:wq Claudio