Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 7 Apr 2020 10:35:01 -0700 (PDT)
From:      "Rodney W. Grimes" <freebsd-rwg@gndrsh.dnsmgr.net>
To:        lev@freebsd.org
Cc:        "Andrey V. Elsukov" <bu7cher@yandex.ru>, Neel Chauhan <neel@neelc.org>, freebsd-hackers@freebsd.org
Subject:   Re: Committing one ipfw(8) userland patch
Message-ID:  <202004071735.037HZ1mK093414@gndrsh.dnsmgr.net>
In-Reply-To: <ed3a9bec-e5ef-2f2b-ee90-5f68239a66dd@FreeBSD.org>

next in thread | previous in thread | raw e-mail | index | archive | help
> On 07.04.2020 11:28, Andrey V. Elsukov wrote:
> 
> >> I have one patch for the ipfw userland tool:
> >> https://reviews.freebsd.org/D24234
> >>
> >> This patch adds the src-ip4/dst-ip4 and src-ipv4/dst-ipv4 aliases for
> >> src-ip/dst-ip commands respectively in IPFW.
> >>
> >> Could someone please commit this patch?
> > 
> > Can you describe what is the benefit to have all these aliases, when
> > after adding the rule you will still see other name. I think this makes
> > it more confusing.
>  I think, {src|dst}-ip without version should exist only for backward
> compatibility and, maybe, produce warnings.

But that is not what this review does.  I would be in support of
changing the "official" names to src-ip4/dst-ip4/src-ip6/dst-ip6
and making src-ip/dst-ip a backwards compatible alias.

> 
>  Why? symmetry & consistency. And equal length of fields in rules for
> different versions, too :-)
> 
>  Also, there are confusion with me/me4/me6. When `src-ip` is really
> `src-ip4`, what does `me` mean? `me4`? or `me4 OR me6`?

The parts of the rule are not cross applied so this is a non-question,
me4 with a src-ip6 matches 0 packets no mater what the values are.

One could write syntax checkers to flag this NOP condition.

> -- 
> // Lev Serebryakov
-- 
Rod Grimes                                                 rgrimes@freebsd.org



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202004071735.037HZ1mK093414>