From owner-freebsd-ipfw@FreeBSD.ORG  Sun May  4 02:07:07 2003
Return-Path: <owner-freebsd-ipfw@FreeBSD.ORG>
Delivered-To: freebsd-ipfw@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 7DC7737B401
	for <freebsd-ipfw@freebsd.org>; Sun,  4 May 2003 02:07:07 -0700 (PDT)
Received: from ns1.interbgc.com (mail.interbgc.com [217.9.224.3])
	by mx1.FreeBSD.org (Postfix) with SMTP id 00C6E43F75
	for <freebsd-ipfw@freebsd.org>; Sun,  4 May 2003 02:07:04 -0700 (PDT)
	(envelope-from misho@interbgc.com)
Received: (qmail 16208 invoked from network); 4 May 2003 09:06:59 -0000
Received: from misho.cablebg.net (HELO misho) (217.18.242.155)
  by mail.interbgc.com with SMTP; 4 May 2003 09:06:59 -0000
Message-ID: <000901c3121c$851906e0$9bf212d9@interbgc.com>
From: "Mihail Balikov" <misho@interbgc.com>
To: <maxes@peterlink.ru>
References: <Pine.BSI.4.40.0305041148260.11509-100000@buratino.peterlink.ru>
Date: Sun, 4 May 2003 12:06:59 +0300
Organization: Inter-Bg-Com Ltd.
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
cc: freebsd-ipfw@freebsd.org
Subject: Re: src-limit trouble
X-BeenThere: freebsd-ipfw@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
Reply-To: Mihail Balikov <misho@interbgc.com>
List-Id: IPFW Technical Discussions <freebsd-ipfw.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw>,
	<mailto:freebsd-ipfw-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ipfw>
List-Post: <mailto:freebsd-ipfw@freebsd.org>
List-Help: <mailto:freebsd-ipfw-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw>,
	<mailto:freebsd-ipfw-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 04 May 2003 09:07:07 -0000

I was incorrect, problem appears when you have a lot of PARENT with single
static rule . Here you are , avery simple patch for 4.8

regards,
Mihail

--- ip_fw2.c.orig Sun May  4 11:44:42 2003
+++ ip_fw2.c Sun May  4 11:49:22 2003
@@ -682,10 +682,14 @@
     max_pass = 1;
     if (pass == 0)
      goto next;
-    if (FORCE && q->count != 0 ) {
-     /* XXX should not happen! */
-     printf( "OUCH! cannot remove rule,"
-          " count %d\n", q->count);
+    if (q->count != 0) {
+     if (FORCE) {
+      /* XXX should not happen! */
+      printf( "OUCH! cannot remove rule,"
+           " count %d\n", q->count);
+     } else {
+      goto next;
+     }
     }
    } else {
     if (!FORCE &&


----- Original Message -----
From: <maxes@peterlink.ru>
To: "Mihail Balikov" <misho@interbgc.com>
Cc: <freebsd-ipfw@freebsd.org>
Sent: Sunday, May 04, 2003 10:53 AM
Subject: Re: src-limit trouble


> > this happens when you have more than one rule with "limit" .
> What exactly  happens  -  LIMIT without PARENT or FIN_WAIT_2 problem ?
> I use only one limit rule:
> ipfw sh | grep limit | wc -l
> 1
> >
> > I have small patch for 4.7
> Can you send it to me or to list ?
>
> b.r.
>  Kozin Maxim
>
>
>