Date: Sat, 5 May 2018 12:20:30 -0700 From: Michael Sierchio <kudzu@tenebras.com> To: "freebsd-ipfw@freebsd.org" <freebsd-ipfw@freebsd.org> Subject: Re: removing some error states Message-ID: <CAHu1Y738YF7ekHg3zR4sjfh-mRctp8uFXFwRvYhET3taZtNJOA@mail.gmail.com> In-Reply-To: <9d710171-22ff-7df9-a803-eca8469ad61f@freebsd.org> References: <201805011503.w41F3PxP026423@pdx.rh.CN85.dnsmgr.net> <81ced915-4dae-26c0-bc43-5ff5299d00d0@freebsd.org> <30b5e916-60ef-c3fa-1f80-5858d0d6717c@freebsd.org> <11885361525386183@web50g.yandex.ru> <9d710171-22ff-7df9-a803-eca8469ad61f@freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi, Julian - On Sat, May 5, 2018 at 11:03 AM, Julian Elischer <julian@freebsd.org> wrote: >... > it was never "ignore errors" It's "ignore a certain class of error". > > table 3 add 1.1.1.1 >>> table 3 add 1.1.1.1 <- no error.. this is what I want.. >>> >> I'm wondering if it shouldn't be atomically idempotent, or... On a public-facing machine, I throttle all traffic until I get a successful auth event, and then add an IP to a table containing a whitelist, which bypasses the restrictive pipes. With a time_t value denoting when it was added. It would be nice if it simply replaced the arg value table 3 add 1.1.1.1 1525547787 and sometime later table 3 add 1.1.1.1 1525576587 which I'd like to succeed. With 11.0+ I can do this atomically with two tables and swap them, but... > table 3 swap 21 <-- doesn't quit, but doesn't generate a new >> >> +1 on this. Again, UPSERT semantics instead of DELETE-then-CREATE, or CREATE. - M
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAHu1Y738YF7ekHg3zR4sjfh-mRctp8uFXFwRvYhET3taZtNJOA>