pfiles does not properly identify PF_KEY or PF_POLICY
Discovered in-house at Joyent as OS-6254, the pfiles(1) command doesn't report information that a socket is PF_KEY or PF_POLICY. Easily demonstrated by running
pfiles `pgrep iked`on a machine running IKE.
Updated by Dan McDonald over 3 years ago
Two ways to test:
1.) (easy way) Do pfiles `pgrep in.iked` on a system running IKE. File descriptor 5(ish) will have little useful information. With this fix, it will have more useful information.
2.) (harder way, but proves PF_POLICY)
a.) truss -Twrite ipsecconf -qF
b.) pfiles `pgrep ipsecconf`
Updated by Electric Monk over 3 years ago
- Status changed from New to Closed
- % Done changed from 0 to 100
commit f8cbe0e7fd4f172d5ed456a8f7425890e1ea20cd Author: Dan McDonald <firstname.lastname@example.org> Date: 2017-08-08T13:01:51.000Z 8541 pfiles does not properly identify PF_KEY or PF_POLICY Reviewed by: Mike Zeller <email@example.com> Reviewed by: Patrick Mooney <firstname.lastname@example.org> Reviewed by: Yuri Pankov <email@example.com> Approved by: Richard Lowe <firstname.lastname@example.org>