From owner-freebsd-bugs Wed May 3 4:10: 6 2000 Delivered-To: freebsd-bugs@freebsd.org Received: from freefall.freebsd.org (freefall.FreeBSD.ORG [204.216.27.21]) by hub.freebsd.org (Postfix) with ESMTP id D325337BB93 for ; Wed, 3 May 2000 04:10:01 -0700 (PDT) (envelope-from gnats@FreeBSD.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.9.3/8.9.2) id EAA37214; Wed, 3 May 2000 04:10:01 -0700 (PDT) (envelope-from gnats@FreeBSD.org) Received: from hydrant.intranova.net (msb-ts-slip11.UMDNJ.EDU [130.219.28.71]) by hub.freebsd.org (Postfix) with SMTP id 0A41737BBEC for ; Wed, 3 May 2000 04:03:28 -0700 (PDT) (envelope-from oogali@intranova.net) Received: (qmail 603 invoked from network); 3 May 2000 11:03:38 -0000 Received: from localhost.abuselabs.com (HELO localhost) (missnglnk@127.0.0.1) by localhost.abuselabs.com with SMTP; 3 May 2000 11:03:38 -0000 Message-Id: Date: Wed, 3 May 2000 07:03:38 -0400 (EDT) From: Omachonu Ogali To: freebsd-gnats-submit@freebsd.org Subject: kern/18366: ipfw(8) rules increment by fixed value Sender: owner-freebsd-bugs@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org >Number: 18366 >Category: kern >Synopsis: Ipfw rule incrementing is fixed value >Confidential: no >Severity: non-critical >Priority: medium >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Wed May 3 04:10:00 PDT 2000 >Closed-Date: >Last-Modified: >Originator: Omachonu Ogali >Release: FreeBSD 5.0-CURRENT i386 >Organization: Intranova Networking Group >Environment: Any FreeBSD version on any FreeBSD-capable platform. >Description: When adding a rule to ipfw(8), the next rule is automatically the highest numbered rule plus 100. Depending on your situation and how many rules you deal with, this may be a problem for you. >How-To-Repeat: Add any ipfw entry. >Fix: Patch: -- snip -- --- sys/netinet/ip_fw.c.orig Wed May 3 06:42:28 2000 +++ sys/netinet/ip_fw.c Wed May 3 06:46:29 2000 @@ -176,6 +176,10 @@ &dyn_rst_lifetime, 0, "Lifetime of dyn. rules for other situations"); #endif /* STATEFUL */ +static u_int32_t rule_increment = 100; +SYSCTL_INT(_net_inet_ip_fw, OID_AUTO, rule_increment, CTLFLAG_RW, + &rule_increment, 0, "Value to increment non-numbered ipfw rules by"); + #endif #define dprintf(a) do { \ @@ -1440,7 +1444,7 @@ return(0); } - /* If entry number is 0, find highest numbered rule and add 100 */ + /* If entry number is 0, find highest numbered rule and add rule_increment */ if (ftmp->fw_number == 0) { for (fcp = LIST_FIRST(chainptr); fcp; fcp = LIST_NEXT(fcp, chain)) { if (fcp->rule->fw_number != (u_short)-1) @@ -1448,8 +1452,8 @@ else break; } - if (nbr < IPFW_DEFAULT_RULE - 100) - nbr += 100; + if (nbr < IPFW_DEFAULT_RULE - rule_increment) + nbr += rule_increment; ftmp->fw_number = nbr; } -- snip -- -- +-------------------------------------------------------------------------+ | Omachonu Ogali oogali@intranova.net | | Intranova Networking Group http://tribune.intranova.net | | PGP Key ID: 0xBFE60839 | | PGP Fingerprint: C8 51 14 FD 2A 87 53 D1 E3 AA 12 12 01 93 BD 34 | +-------------------------------------------------------------------------+ >Release-Note: >Audit-Trail: >Unformatted: X-send-pr-version: 3.2 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message