bpfilter: write fail -32 (on booting antix21)

Forum Forums General Software bpfilter: write fail -32 (on booting antix21)

  • This topic has 3 replies, 3 voices, and was last updated May 15-7:06 am by mikey777.
Viewing 4 posts - 1 through 4 (of 4 total)
  • Author
    Posts
  • #140848
    Member
    mikey777

      During booting of antix21-base (using LXDE), when the lines of booting script autoscroll, before the desktop finally appears,
      I get several lines of script with the following format:

      [8-digit number] bpfilter: Loaded bpfilter_umh pid [4-digit number]
      [8-digit number] bpfilter: write fail -32

      What does it mean?
      Is it something that needs fixing?
      Apart from this, the OS seems to be working fine (as usual).

      Thanks in advance to anyone shedding any light on this…

      • This topic was modified 2 months, 3 weeks ago by mikey777.
      • This topic was modified 2 months, 3 weeks ago by mikey777.
      • This topic was modified 2 months, 3 weeks ago by mikey777.

      ▪ 32-bit antix19.4-core (SysV init)+LXDE legacy install on :
      - (2011) Samsung NP-N145 Plus (JP04UK) – single-core CPU Intel Atom N455@1.66GHz, 2GB RAM, integrated graphics.
      ▪ 64-bit antix21-base (SysV init)+LXDE legacy install on:
      - (2008) Asus X71Q (7SC002) – dual CPU Intel T3200@2.0GHz, 4GB RAM. Intel Mobile 4 Series, integrated graphics
      - (2007) Packard Bell Easynote MX37 (ALP-Ajax C3) – dual CPU Intel T2310@1.46GHz, 2GB RAM. SiS Graphics

      #140915
      Member
      Robin

        Following this article in a German computer magazine (use traduzir paginas web by Felipe PS, or similar, to read it in your language) bpfilter was first introduced in 2018 to the Linux kernel and is a next generation firewall, meant as an alternative method to the already existing Nftables und Iptables. The article was written two years later and explains this feature could be removed again from kernel, since it is neither used nor maintained by anybody as of June 2020. I can’t find any statement abut current state of bpfilter, but the two lines you have posted make me believe it is still present in the linux kernel.

        The line looks pretty similar to these ones: https://ubuntuforums.org/showthread.php?t=2445465&page=3 reported by ubuntu users.

        So may be this simply means the bpfilter in linux kernel is still poorly maintained or even broken and throws this error for some reason? Or maybe using another more recent kernel could make it work? (e.g. check out the latest 6.5 kernel from debian backports, at least in antiX 23.1 it is available from apt, not sure whether this goes also for your antiX 21)

        At least in my dmesg output no bpfilter error message shows up, running antiX 23.1 full runit Live, remastered to most recent package versions from the repos by apt, and live-kernel upgraded to 6.5.0-0.deb12.4-amd64 (using a debian kernel instead of an antiX kernel was not intentionally, I’m fine with antiX kernels, but I had to do it to enforce an initramfs update while dealing with the CPU-firmware-not-loaded-issue in antiX live.) So maybe checking out this kernel or any other recent 6.5 or 6.6 kernel might fix the write fail for you?

        When looking up bpf in wikipedia I read the following interesting line, can’t verify whether this is true or not:

        »Chinese computer security group Pangu Lab said the NSA used BPF to conceal network communications as part of a complex Linux backdoor.[13]«

        Not sure what to think of it.

        Windows is like a submarine. Open a window and serious problems will start.

        #140987
        Member
        Xunzi_23
          #142408
          Member
          mikey777

            @Xunzi_23 @Robin
            Thanks both of you for your informative feedback.
            Where has ‘bpfilter’ on my laptop come from? One thought was that it might have been prepackaged with the linux-libre 5.10 kernels used on the antix21 install on my daily-work laptop (Asus X71Q). However this isn’t the case, as I also have two antix23 installs on the same laptop, using the same kernels, but they boot normally, without the bpfilter error. So, it must have downloaded & installed itself while connected to the internet, though have absolutely no idea what the URL involved would have been …

            Even if the ‘bpfilter’ was malicious, the fact that it produces a “write fail” on my laptop when booting would suggest that it’s not working, and so maybe not a threat – does that sound reasonable?

            • This reply was modified 2 months, 1 week ago by mikey777.
            • This reply was modified 2 months ago by mikey777.
            • This reply was modified 2 months ago by mikey777.

            ▪ 32-bit antix19.4-core (SysV init)+LXDE legacy install on :
            - (2011) Samsung NP-N145 Plus (JP04UK) – single-core CPU Intel Atom N455@1.66GHz, 2GB RAM, integrated graphics.
            ▪ 64-bit antix21-base (SysV init)+LXDE legacy install on:
            - (2008) Asus X71Q (7SC002) – dual CPU Intel T3200@2.0GHz, 4GB RAM. Intel Mobile 4 Series, integrated graphics
            - (2007) Packard Bell Easynote MX37 (ALP-Ajax C3) – dual CPU Intel T2310@1.46GHz, 2GB RAM. SiS Graphics

          Viewing 4 posts - 1 through 4 (of 4 total)
          • You must be logged in to reply to this topic.