From owner-freebsd-ipfw@FreeBSD.ORG  Fri Aug 10 09:50:09 2007
Return-Path: <owner-freebsd-ipfw@FreeBSD.ORG>
Delivered-To: freebsd-ipfw@hub.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 307B616A41A
	for <freebsd-ipfw@hub.freebsd.org>;
	Fri, 10 Aug 2007 09:50:09 +0000 (UTC)
	(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (freefall.freebsd.org
	[IPv6:2001:4f8:fff6::28])
	by mx1.freebsd.org (Postfix) with ESMTP id 1CD6713C442
	for <freebsd-ipfw@hub.freebsd.org>;
	Fri, 10 Aug 2007 09:50:09 +0000 (UTC)
	(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1])
	by freefall.freebsd.org (8.14.1/8.14.1) with ESMTP id l7A9o886000995
	for <freebsd-ipfw@freefall.freebsd.org>; Fri, 10 Aug 2007 09:50:08 GMT
	(envelope-from gnats@freefall.freebsd.org)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.14.1/8.14.1/Submit) id l7A9o8WP000994;
	Fri, 10 Aug 2007 09:50:08 GMT (envelope-from gnats)
Date: Fri, 10 Aug 2007 09:50:08 GMT
Message-Id: <200708100950.l7A9o8WP000994@freefall.freebsd.org>
To: freebsd-ipfw@FreeBSD.org
From: Tsurutani Naoki <turutani@scphys.kyoto-u.ac.jp>
Cc: 
Subject: Re: bin/115372: [ipfw]: "ipfw show" prints ill result.
X-BeenThere: freebsd-ipfw@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: Tsurutani Naoki <turutani@scphys.kyoto-u.ac.jp>
List-Id: IPFW Technical Discussions <freebsd-ipfw.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw>,
	<mailto:freebsd-ipfw-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ipfw>
List-Post: <mailto:freebsd-ipfw@freebsd.org>
List-Help: <mailto:freebsd-ipfw-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw>,
	<mailto:freebsd-ipfw-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 10 Aug 2007 09:50:09 -0000

The following reply was made to PR bin/115372; it has been noted by GNATS.

From: Tsurutani Naoki <turutani@scphys.kyoto-u.ac.jp>
To: bug-followup@FreeBSD.org, "Andrey V. Elsukov" <bu7cher@yandex.ru>
Cc: Maxim Konovalov <maxim@FreeBSD.org>, Oleg Bulyzhin <oleg@FreeBSD.org>
Subject: Re: bin/115372: [ipfw]: "ipfw show" prints ill result.
Date: Fri, 10 Aug 2007 18:30:58 +0900

 Hello,
 
 "Andrey V. Elsukov" <bu7cher@yandex.ru> wrote:
 
 > this bug was not introduced by mentioned commit.
 > You can see this bug also with following rules:
 > # ipfw add allow ip from any to any not ipid 1,2,3,4,5
 > # ipfw add allow ip from any to any not ipttl 1,2,3,4,5
 > # ipfw add allow ip from any to any not iplen 1,2,3,4,5
 > and "not tcpdatalen 1,2,3,4", "not tagged 1,2,3,4".
 
 That's right.
 I tried some of above, and the previous version can produce
 duplicated "not".
 On my FreeBSD 6-STABLE host, the patch should be modified (only about line numbers),
 like following;
 @@ -632,8 +632,6 @@
         int i;
         char const *sep;
 
 -       if (cmd->o.len & F_NOT)
 -               printf(" not");
         if (opcode != 0) {
                 sep = match_value(_port_name, opcode);
                 if (sep == NULL)
 @@ -1715,6 +1713,8 @@
                         show_prerequisites(&flags, HAVE_PROTO|HAVE_SRCIP, 0);
                         if ((cmd->len & F_OR) && !or_block)
                                 printf(" {");
 +                       if (cmd->len & F_NOT)
 +                               printf(" not");
                         print_newports((ipfw_insn_u16 *)cmd, proto,
                                 (flags & HAVE_OPTIONS) ? cmd->opcode : 0);
                         break;
 
 However, I do not know whether it is perfect or insufficient.
 Please fix as you think good.
 Thank you for your follow-up and patch.