Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 28 Jul 2010 14:51:45 GMT
From:      pluknet <pluknet@gmail.com>
To:        freebsd-gnats-submit@FreeBSD.org
Subject:   conf/149036: [rc.d] [patch] Mixed/misuse of AND-OR list operators in rc.d/ipmon
Message-ID:  <201007281451.o6SEpjIr055398@www.freebsd.org>
Resent-Message-ID: <201007281500.o6SF08jn004969@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help 

>Number:         149036
>Category:       conf
>Synopsis:       [rc.d] [patch] Mixed/misuse of AND-OR list operators in rc.d/ipmon
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Wed Jul 28 15:00:08 UTC 2010
>Closed-Date:
>Last-Modified:
>Originator:     pluknet
>Release:        6.4-RELEASE-p9
>Organization:
>Environment:
>Description:
src/etc/rc.d/ipmon#rev1.5 added the next check:

	o In ipmon and ipnat show a warning if neither ipfilter nor
	  ipnat is enabled [..], and exit

1) this check mixes /bin/test and /bin/sh syntax of AND-OR list operators.
2) it checks for AND, while it should check for OR
(also see comment for cvs rev1.5 above).
>How-To-Repeat:
Place to /etc/rc.conf:
ipnat_enable="YES"
ipmon_enable="YES"

Try to launch ipmon:
# /etc/rc.d/ipmon start
/etc/rc.d/ipmon: ERROR: ipmon requires either ipfilter or ipnat enabled

>Fix:
1) Correct the combined check as done in attached patch.
2) profit
# /etc/rc.d/ipmon start
Starting ipmon.


Patch attached with submission follows:

Index: etc/rc.d/ipmon
===================================================================
--- etc/rc.d/ipmon	(revision 207204)
+++ etc/rc.d/ipmon	(working copy)
@@ -20,7 +20,7 @@
 	# Continue only if ipfilter or ipnat is enabled and the
 	# ipfilter module is loaded.
 	#
-	if ! checkyesno ipfilter_enable -o ! checkyesno ipnat_enable ; then
+	if ! checkyesno ipfilter_enable && ! checkyesno ipnat_enable ; then
 		err 1  "${name} requires either ipfilter or ipnat enabled"
 	fi
 	if ! sysctl net.inet.ipf.fr_pass >/dev/null 2>&1; then


>Release-Note:
>Audit-Trail:
>Unformatted:

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201007281451.o6SEpjIr055398>