From owner-svn-src-head@freebsd.org Thu Aug 9 17:32:13 2018 Return-Path: Delivered-To: svn-src-head@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 3E76F106DCBB; Thu, 9 Aug 2018 17:32:13 +0000 (UTC) (envelope-from freebsd@pdx.rh.CN85.dnsmgr.net) Received: from pdx.rh.CN85.dnsmgr.net (br1.CN84in.dnsmgr.net [69.59.192.140]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id BFD5C7FAD6; Thu, 9 Aug 2018 17:32:12 +0000 (UTC) (envelope-from freebsd@pdx.rh.CN85.dnsmgr.net) Received: from pdx.rh.CN85.dnsmgr.net (localhost [127.0.0.1]) by pdx.rh.CN85.dnsmgr.net (8.13.3/8.13.3) with ESMTP id w79HWAjN018695; Thu, 9 Aug 2018 10:32:10 -0700 (PDT) (envelope-from freebsd@pdx.rh.CN85.dnsmgr.net) Received: (from freebsd@localhost) by pdx.rh.CN85.dnsmgr.net (8.13.3/8.13.3/Submit) id w79HWAU1018694; Thu, 9 Aug 2018 10:32:10 -0700 (PDT) (envelope-from freebsd) From: "Rodney W. Grimes" Message-Id: <201808091732.w79HWAU1018694@pdx.rh.CN85.dnsmgr.net> Subject: Re: svn commit: r337536 - head/sbin/ipfw In-Reply-To: <4860211533835727@sas1-dc4267721c1f.qloud-c.yandex.net> To: "Andrey V. Elsukov" Date: Thu, 9 Aug 2018 10:32:10 -0700 (PDT) CC: "rgrimes@freebsd.org" , "src-committers@freebsd.org" , "svn-src-all@freebsd.org" , "svn-src-head@freebsd.org" Reply-To: rgrimes@freebsd.org X-Mailer: ELM [version 2.4ME+ PL121h (25)] MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=UNKNOWN-8BIT X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 09 Aug 2018 17:32:13 -0000 [ text/html is unsupported, treating like TEXT/PLAIN ] Can you resend in none html format please? >

19:50, 9 =D0=B0=D0=B2=D0=B3=D1=83=D1=81=D1=82=D0=B0 2018 =D0= =B3., "Rodney W. Grimes" <freebsd@pdx.rh.cn85.dnsmgr.net>:

-- Start of PGP signed section.
[ Charset UTF-8 unsupported,= converting... ]

=C2=A0On 09.08.2018 19:19, R= odney W. Grimes wrote:
=C2=A0>>>> table add/delete command= s had the same behavior, "nat" already noted in
=C2=A0>>>>= this list. What is the usage scenario do you use, where you need to fail=C2=A0>>>> on bad delete?=
=C2=A0>>>
=C2=A0>>> if [ ipfw delete ${1} ]; t= hen
=C2=A0>>> handle the missing rule
=C2=A0>>>= ; fi
=C2=A0>>
=C2=A0>> This is mostly unneeded operat= ion, that we wanted to avoid.
=C2=A0>> I.e. to= be able run in bath mode:
=C2=A0>>
=C2=A0>> delete $= {n}
=C2=A0>> add ${n} ...
=C2=A0>
=C2=A0> That = is one use case, but any shell script worth writting
=C2=A0> is wor= th writting to handle error conditions, and not being=
=C2=A0> able to handle errors while being silent is a PITA.
<= br />=C2=A0Ok, I still don't understand the usefulness of knowing the error=
=C2=A0code of delete command. But, I can propose the following soluti= on:
=C2=A0Index: ipfw2.c
=C2=A0=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D
=C2=A0--- ipfw2.c (revision 337541)
= =C2=A0+++ ipfw2.c (working copy)
=C2=A0@@ -3314,7 +3314,7 @@ ipfw_dele= te(char *av[])
=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0}
=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0}
=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0}
=C2=A0- if (exitval !=3D EX_OK && co.do_quiet =3D= =3D 0)
=C2=A0+ if (exitval !=3D EX_OK && co.do_force =3D=3D 0)=
=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0exit(exitval);
=C2=A0=C2=A0}

=C2=A0With this patch -q will work as "quiet", -f will work as "forc= e".
=C2=A0So, you can still get error code in shell script, and I can = run batched
=C2=A0commands with -q -f:

=C2=A0# ipfw -f dele= te 10000-11000 ; echo $?
=C2=A0= ipfw: no rules rules in 10000-11000 range
=C2=A00
= =C2=A0# ipfw -qf delete 10000-11000 ; echo $?
=C2=A00
=C2=A0# ipfw -q delete 10000-11000 ; echo $?
=C2=A069
=C2=A0Are you fine with this?

In spirit yes, in implementation No:

The -f option is docu= mented, and actually does, something different
than what your change w= ould implement.

=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0-f Do not ask= for confirmation for commands that can cause pro= blems
=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0if misused, i.e., flush. If there is no tty associated with= the
=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0process, this is implied.

But this opt= ion means "force", with -f ipfw(8) will not ask any questions= and forcebly execute the command. The description in man page can be modif= ied to correctly describe the case.=C2=A0

=D0=9E=D1=82=D0=BF=D1= =80=D0=B0=D0=B2=D0=BB=D0=B5=D0=BD=D0=BE =D0=B8=D0=B7 =D0=BC=D0=BE=D0=B1=D0= =B8=D0=BB=D1=8C=D0=BD=D0=BE=D0=B9 =D0=AF=D0=BD=D0=B4=D0=B5=D0=BA=D1=81.=D0= =9F=D0=BE=D1=87=D1=82=D1=8B: http://m.ya.ru/ymail --=20 Rod Grimes rgrimes@freebsd.= org