Date: Fri, 22 Dec 2006 09:16:11 +0100 (CET) From: Oliver Fromme <olli@lurza.secnetix.de> To: freebsd-stable@FreeBSD.ORG, V.Haisman@sh.cvut.cz Subject: Re: Duplicate IPFW rules Message-ID: <200612220816.kBM8GBoX035855@lurza.secnetix.de> In-Reply-To: <458AD815.3010601@sh.cvut.cz>
next in thread | previous in thread | raw e-mail | index | archive | help
Václav Haisman wrote: > I have just noticed that ipfw list shows one rule twice. It could be that I > have run a script that adds it twice: That's expected behaviour. Rule numbers are not unique. Think of the rule number as a tag attached to the rule. It's perfectly legal that two rules can have the same tag (number). > Shouldn't IPFW check before adding the same rule number again? No. However, it could be argued that ipfw(8) could check if an existing rule number is added with the same rule body. In that case it would be redundant and have no effect at all. (It wouldn't really be an error either, so ipfw(8) could simply exit successfully without actually adding the rule.) If someone submits a patch for that, I think it would be comitted. Best regards Oliver -- Oliver Fromme, secnetix GmbH & Co. KG, Marktplatz 29, 85567 Grafing Dienstleistungen mit Schwerpunkt FreeBSD: http://www.secnetix.de/bsd Any opinions expressed in this message may be personal to the author and may not necessarily reflect the opinions of secnetix in any way. "Clear perl code is better than unclear awk code; but NOTHING comes close to unclear perl code" (taken from comp.lang.awk FAQ)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200612220816.kBM8GBoX035855>