Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[MX] Syslog message: 'dfwc: Failed to get mapping from kernel blob err no 2'

0

0

Article ID: KB35583 KB Last Updated: 04 Apr 2020Version: 1.0
Summary:

The following message is seen when a new firewall filter is configured or there is a change in the filter:

dfwc: Failed to get mapping from kernel blob err no 2

Symptoms:

Examples

When a new filter is added to the configuration:

[edit]
user@router-re0# show | compare rollback 1
[edit firewall]
+   filter TCP {
+       term 1 {
+           from {
+               protocol tcp;
+           }
+           then {
+               count COUNT;
+               accept;
+           }
+       }
+       term 2 {
+           then accept;
+       }
+   }

user@router-re0# run show system commit
0   2020-03-13 04:24:03 PDT by user via cli  <-- Filter config commit
1   2020-03-13 00:22:24 PDT by user via cli
2   2020-03-06 01:24:31 PST by user via cli
3   2020-03-06 01:19:50 PST by user via cli
 

Mar 13 00:25:15.190  router-re0 mgd[32398]: UI_CMDLINE_READ_LINE: User 'user', command 'run show log messages.1.gz | match kernel '
Mar 13 00:25:28.780  router-re0 mgd[32398]: UI_CMDLINE_READ_LINE: User 'user', command 'run show log messages.2.gz | match kernel '
Mar 13 00:25:50.466  router-re0 xntpd[4146]: kernel time sync enabled 2001
Mar 13 04:22:04.723  router-re0 kernel: lo0: promiscuous mode enabled
Mar 13 04:22:15.362  router-re0 kernel: lo0: promiscuous mode disabled
Mar 13 04:22:24.610  router-re0 kernel: hw.chassis.startup_time update to 1582645134.849367
Mar 13 04:24:03.548  router-re0 dfwc: Failed to get mapping from kernel blob err no 2  <-- message seen when user commit the Filter config.
Mar 13 04:24:03.592  router-re0 kernel: MM: rts_dfwasyncmsg async report fs 604
Mar 13 04:25:03.241  router-re0 mgd[33964]: UI_CMDLINE_READ_LINE: User 'user', command 'run show log messages | match kernel 
 

When a portion of the filter is deleted:

[edit]
user@router-re0# delete firewall filter TCP term 1 then count COUNT
 
[edit]
user@router-re0# commit
commit complete
 
user@router-re0# run show log messages | match kernel | last 20
Mar 12 18:02:38.341  router-re0 xntpd[4146]: kernel time sync enabled 2001
Mar 13 00:22:33.464  router-re0 xntpd[4146]: kernel time sync disabled 2041
Mar 13 00:23:31.414  router-re0 mgd[32398]: UI_CMDLINE_READ_LINE: User 'user', command 'run show log messages | match "kernel blob err no 2" '
Mar 13 00:23:47.209  router-re0 mgd[32398]: UI_CMDLINE_READ_LINE: User 'user', command 'run show log messages | match "kernel blob err no 2" '
Mar 13 00:24:25.008  router-re0 mgd[32398]: UI_CMDLINE_READ_LINE: User 'user', command 'run show log messages | match kernel '
Mar 13 00:24:42.158  router-re0 mgd[32398]: UI_CMDLINE_READ_LINE: User 'user', command 'run show log messages.0.gz | match kernel '
Mar 13 00:25:15.190  router-re0 mgd[32398]: UI_CMDLINE_READ_LINE: User 'user', command 'run show log messages.1.gz | match kernel '
Mar 13 00:25:28.780  router-re0 mgd[32398]: UI_CMDLINE_READ_LINE: User 'user', command 'run show log messages.2.gz | match kernel '
Mar 13 00:25:50.466  router-re0 xntpd[4146]: kernel time sync enabled 2001
Mar 13 04:22:04.723  router-re0 kernel: lo0: promiscuous mode enabled
Mar 13 04:22:15.362  router-re0 kernel: lo0: promiscuous mode disabled
Mar 13 04:22:24.610  router-re0 kernel: hw.chassis.startup_time update to 1582645134.849367
Mar 13 04:24:03.548  router-re0 dfwc: Failed to get mapping from kernel blob err no 2
Mar 13 04:24:03.592  router-re0 kernel: MM: rts_dfwasyncmsg async report fs 604
Mar 13 04:25:03.241  router-re0 mgd[33964]: UI_CMDLINE_READ_LINE: User 'user', command 'run show log messages | match kernel '
Mar 13 04:29:14.369  router-re0 dfwc: Failed to get mapping from kernel blob err no 2 <-- Log message seen again when a portion of Filter config is deleted.
Mar 13 04:29:14.414  router-re0 kernel: MM: rts_dfwasyncmsg async report fs 400
Mar 13 04:29:29.929  router-re0 mgd[33964]: UI_CMDLINE_READ_LINE: User 'user', command 'run show log messages | match kernel | last 20
Cause:

Distributed Firewall (DFW) is related to the dynamic firewall filter and changing it may show these syslog messages.

Solution:

These syslog messages can be ignored since they are informational and for internal use only.

Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search