Date: Wed, 16 Feb 2005 08:20:33 GMT From: Maxim Konovalov <maxim@macomnet.ru> To: freebsd-bugs@FreeBSD.org Subject: Re: kern/77570: [PATCH] ipfw: Multiple rules may have the same number. Message-ID: <200502160820.j1G8KXQ0081432@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR kern/77570; it has been noted by GNATS. From: Maxim Konovalov <maxim@macomnet.ru> To: "Wojciech A. Koszek" <dunstan@freebsd.czest.pl> Cc: bug-followup@freebsd.org Subject: Re: kern/77570: [PATCH] ipfw: Multiple rules may have the same number. Date: Wed, 16 Feb 2005 11:17:34 +0300 (MSK) Hi Wojciech, > >Description: > There is a problem while inserting ipfw2 rule with specified rule number. > > # ipfw add <num> <action> > > While executing this command N times, it will add N rules with the same > number <num>. I don't really like this behaviour, since rule number has to > represent the unique rule. > > >How-To-Repeat: > > This problem may be easily reproduced: > > # ipfw add 100 allow all from any to any > 00100 allow ip from any to any > # ipfw add 100 allow all from any to any > 00100 allow ip from any to any > # ipfw add 100 allow all from any to any > 00100 allow ip from any to any > # ipfw show | grep 00100 > 00100 0 0 allow ip from any to any > 00100 0 0 allow ip from any to any > 00100 0 0 allow ip from any to any > > >Fix: > Attached patch [diff.0.ipfw2] should correct this problem. It also adds predefinition of > remove_rule(), because after applying this patch, add_rule() requires it. Well, sorry, I really hate your patch :-) This is the way ipfw(8) was designed and works in RELENG_*. It seems for me we gonna break zillion ipfw installations with this patch. "Tools not policy". Would you mind if I close this PR? -- Maxim Konovalov
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200502160820.j1G8KXQ0081432>