From: Freddie Cash
To: bycn82
Cc: freebsd-ipfw@freebsd.org
Date: Sat, 13 Sep 2014 12:51:59 -0700
Subject: Re: IPFW rule sets and automatic rule numbering

You can replicate it using 3 rules, loaded into two sets:

    ipfw set disable 1
    ipfw add allow ip from any to any
    ipfw add 65524 allow ip from any to any
    ipfw add allow ip from any to any
    ipfw set swap 1 0

Run that two or 3 times. Every rule will be numbered 65534 after the 2nd or 3rd run.

I expected it to be numbered 10, 65524, 65534 after every run.

However, after reading the man page a few more times and thinking about it a little more, it makes sense that the numbering is global across all sets, as you can have multiple sets enabled simultaneously. It just doesn't mesh with my desire to use auto numbering.

I'm in the midst of manually numbering all my rules now. :)
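
Added example (not part of the original message): a dry-run sh helper that prints explicitly numbered `ipfw add N set 1 ...` commands for a staging set, followed by the `set swap`, so the loaded rule numbers do not depend on automatic numbering. The start number, step, staging set and sample rule bodies are assumptions.

```shell
#!/bin/sh
# Added example, dry run only: prints ipfw commands, never executes them.
# START, STEP, STAGING_SET and the sample rule bodies are assumptions.
MAX_RULE=65534      # highest usable number; 65535 is the default rule
STAGING_SET=1
START=100
STEP=100

# Read one rule body per line on stdin and print an "ipfw add" command
# with an explicit number and set for each. Blank lines and '#' comments
# are skipped. Returns 1 if a number would exceed MAX_RULE.
number_rules() {
    num=$START
    while IFS= read -r body; do
        case "$body" in
            ''|'#'*) continue ;;
        esac
        if [ "$num" -gt "$MAX_RULE" ]; then
            echo "rule number $num exceeds $MAX_RULE" >&2
            return 1
        fi
        printf 'ipfw -q add %d set %d %s\n' "$num" "$STAGING_SET" "$body"
        num=$((num + STEP))
    done
}

# Print the whole reload: disable and empty the staging set, load the
# numbered rules into it, then swap it with set 0. Prints nothing if the
# numbering fails, so a partial ruleset is never emitted.
build_reload() {
    rules=$(number_rules) || return 1
    printf 'ipfw -q set disable %d\n' "$STAGING_SET"
    printf 'ipfw -q delete set %d\n' "$STAGING_SET"
    printf '%s\n' "$rules"
    printf 'ipfw -q set swap %d 0\n' "$STAGING_SET"
}

# Constructed sample ruleset.
build_reload <<'EOF'
# loopback first
allow ip from any to any via lo0
allow tcp from any to me 22 setup keep-state
deny ip from any to any
EOF
```

Review the printed commands before piping them to `sh` on the firewall host.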