Site Navigation

Date:      Thu, 9 Aug 2018 10:32:10 -0700 (PDT)
From:      "Rodney W. Grimes" <freebsd@pdx.rh.CN85.dnsmgr.net>
To:        "Andrey V. Elsukov" <bu7cher@yandex.ru>
Cc:        "rgrimes@freebsd.org" <rgrimes@freebsd.org>, "src-committers@freebsd.org" <src-committers@freebsd.org>, "svn-src-all@freebsd.org" <svn-src-all@freebsd.org>, "svn-src-head@freebsd.org" <svn-src-head@freebsd.org>
Subject:   Re: svn commit: r337536 - head/sbin/ipfw
Message-ID:  <201808091732.w79HWAU1018694@pdx.rh.CN85.dnsmgr.net>
In-Reply-To: <4860211533835727@sas1-dc4267721c1f.qloud-c.yandex.net>

---

next in thread | previous in thread | raw e-mail | index | archive | help

---

[ text/html is unsupported, treating like TEXT/PLAIN ]
Can you resend in none html format please?



> <br /><br />19:50, 9 =D0=B0=D0=B2=D0=B3=D1=83=D1=81=D1=82=D0=B0 2018 =D0=
=B3., "Rodney W. Grimes" &lt;freebsd@pdx.rh.cn85.dnsmgr.net&gt;:<br /><bloc=
kquote><p>-- Start of PGP signed section.<br />[ Charset UTF-8 unsupported,=
 converting... ]<br /></p><blockquote>=C2=A0On 09.08.2018 19:19, R=
odney W. Grimes wrote:<br />=C2=A0&gt;&gt;&gt;&gt; table add/delete command=
s had the same behavior, "nat" already noted in<br />=C2=A0&gt;&gt;&gt;&gt;=
 this list. What is the usage scenario do you use, where you need to fail<b=
r />=C2=A0&gt;&gt;&gt;&gt; on bad delete?=
<br />=C2=A0&gt;&gt;&gt;<br />=C2=A0&gt;&gt;&gt; if [ ipfw delete ${1} ]; t=
hen<br />=C2=A0&gt;&gt;&gt; 	handle the missing rule<br />=C2=A0&gt;&gt;&gt=
; fi<br />=C2=A0&gt;&gt;<br />=C2=A0&gt;&gt; This is mostly unneeded operat=
ion, that we wanted to avoid.<br />=C2=A0&gt;&gt; I.e. to=
 be able run in bath mode:<br />=C2=A0&gt;&gt;<br />=C2=A0&gt;&gt; delete $=
{n}<br />=C2=A0&gt;&gt; add ${n} ...<br />=C2=A0&gt; <br />=C2=A0&gt; That =
is one use case, but any shell script worth writting<br />=C2=A0&gt; is wor=
th writting to handle error conditions, and not being=
<br />=C2=A0&gt; able to handle errors while being silent is a PITA.<br /><=
br />=C2=A0Ok, I still don't understand the usefulness of knowing the error=
<br />=C2=A0code of delete command. But, I can propose the following soluti=
on:<br />=C2=A0Index: ipfw2.c<br />=C2=A0=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D<br />=C2=A0--- ipfw2.c	(revision 337541)<br />=
=C2=A0+++ ipfw2.c	(working copy)<br />=C2=A0@@ -3314,7 +3314,7 @@ ipfw_dele=
te(char *av[])<br />=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=
=A0=C2=A0=C2=A0=C2=A0=C2=A0}<br />=C2=A0=C2=A0=C2=A0=
=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=
=A0=C2=A0=C2=A0}<br />=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=
=A0=C2=A0}<br />=C2=A0-	if (exitval !=3D EX_OK &amp;&amp; co.do_quiet =3D=
=3D 0)<br />=C2=A0+	if (exitval !=3D EX_OK &amp;&amp; co.do_force =3D=3D 0)=
<br />=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=
=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0exit(exitval);<br />=C2=A0=C2=A0}<br=
 /><br /=
><br />=C2=A0With this patch -q will work as "quiet", -f will work as "forc=
e".<br />=C2=A0So, you can still get error code in shell script, and I can =
run batched<br />=C2=A0commands with -q -f:<br /><br />=C2=A0# ipfw -f dele=
te <span>10000-11000</span> ; echo $?<br />=C2=A0=
ipfw: no rules rules in <span>10000-11000</span> range<br />=C2=A00<br />=
=C2=A0# ipfw -qf delete <span>10000-11000</span> ; echo $?<br />=C2=A00<br =
/>=C2=A0# ipfw -q delete <span>10000-11000</span> ; echo $?<br />=C2=A069<b=
r /><br />=C2=A0Are you fine with this?<br /></blockquo=
te><p>In spirit yes, in implementation No:<br /><br />The -f option is docu=
mented, and actually does, something different<br />than what your change w=
ould implement.<br /><br />=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0-f      Do not ask=
 for confirmation for commands that can cause pro=
blems<br />=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=
=A0=C2=A0=C2=A0if misused, i.e., flush.  If there is no tty associated with=
 the<br />=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=
=A0=C2=A0=C2=A0process, this is implied.<br /></p></blockquote>But this opt=
ion means "force", with -f ipfw(8) will not ask any questions=
 and forcebly execute the command. The description in man page can be modif=
ied to correctly describe the case.=C2=A0<br /><br />=D0=9E=D1=82=D0=BF=D1=
=80=D0=B0=D0=B2=D0=BB=D0=B5=D0=BD=D0=BE =D0=B8=D0=B7 =D0=BC=D0=BE=D0=B1=D0=
=B8=D0=BB=D1=8C=D0=BD=D0=BE=D0=B9 =D0=AF=D0=BD=D0=B4=D0=B5=D0=BA=D1=81.=D0=
=9F=D0=BE=D1=87=D1=82=D1=8B: http://m.ya.ru/ymail
--=20
Rod Grimes                                                 rgrimes@freebsd.=
org

---

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201808091732.w79HWAU1018694>

Legal Notices | © 1995-2024 The FreeBSD Project. All rights reserved.

Contact