Date: Wed, 3 May 2000 07:03:38 -0400 (EDT) From: Omachonu Ogali <oogali@intranova.net> To: freebsd-gnats-submit@freebsd.org Subject: kern/18366: ipfw(8) rules increment by fixed value Message-ID: <Pine.BSF.4.10.10005030702090.424-100000@hydrant.intranova.net>
next in thread | raw e-mail | index | archive | help
>Number: 18366
>Category: kern
>Synopsis: Ipfw rule incrementing is fixed value
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Wed May 3 04:10:00 PDT 2000
>Closed-Date:
>Last-Modified:
>Originator: Omachonu Ogali
>Release: FreeBSD 5.0-CURRENT i386
>Organization:
Intranova Networking Group
>Environment:
Any FreeBSD version on any FreeBSD-capable platform.
>Description:
When adding a rule to ipfw(8), the next rule is automatically the
highest numbered rule plus 100. Depending on your situation and how
many rules you deal with, this may be a problem for you.
>How-To-Repeat:
Add any ipfw entry.
>Fix:
Patch:
-- snip --
--- sys/netinet/ip_fw.c.orig Wed May 3 06:42:28 2000
+++ sys/netinet/ip_fw.c Wed May 3 06:46:29 2000
@@ -176,6 +176,10 @@
&dyn_rst_lifetime, 0, "Lifetime of dyn. rules for other situations");
#endif /* STATEFUL */
+static u_int32_t rule_increment = 100;
+SYSCTL_INT(_net_inet_ip_fw, OID_AUTO, rule_increment, CTLFLAG_RW,
+ &rule_increment, 0, "Value to increment non-numbered ipfw rules by");
+
#endif
#define dprintf(a) do { \
@@ -1440,7 +1444,7 @@
return(0);
}
- /* If entry number is 0, find highest numbered rule and add 100 */
+ /* If entry number is 0, find highest numbered rule and add rule_increment */
if (ftmp->fw_number == 0) {
for (fcp = LIST_FIRST(chainptr); fcp; fcp = LIST_NEXT(fcp, chain)) {
if (fcp->rule->fw_number != (u_short)-1)
@@ -1448,8 +1452,8 @@
else
break;
}
- if (nbr < IPFW_DEFAULT_RULE - 100)
- nbr += 100;
+ if (nbr < IPFW_DEFAULT_RULE - rule_increment)
+ nbr += rule_increment;
ftmp->fw_number = nbr;
}
-- snip --
--
+-------------------------------------------------------------------------+
| Omachonu Ogali oogali@intranova.net |
| Intranova Networking Group http://tribune.intranova.net |
| PGP Key ID: 0xBFE60839 |
| PGP Fingerprint: C8 51 14 FD 2A 87 53 D1 E3 AA 12 12 01 93 BD 34 |
+-------------------------------------------------------------------------+
>Release-Note:
>Audit-Trail:
>Unformatted:
X-send-pr-version: 3.2
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.10.10005030702090.424-100000>