From owner-freebsd-rc@FreeBSD.ORG Sat Jul 16 18:36:12 2011 Return-Path: Delivered-To: freebsd-rc@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 5B7A21065670 for ; Sat, 16 Jul 2011 18:36:12 +0000 (UTC) (envelope-from hrs@FreeBSD.org) Received: from mail.vlsi.ee.noda.tus.ac.jp (sekine00.ee.noda.sut.ac.jp [133.31.107.40]) by mx1.freebsd.org (Postfix) with ESMTP id EE44B8FC08 for ; Sat, 16 Jul 2011 18:36:11 +0000 (UTC) Received: from alph.allbsd.org (p3028-ipbf608funabasi.chiba.ocn.ne.jp [125.175.94.28]) (user=hrs mech=DIGEST-MD5 bits=128) by mail.vlsi.ee.noda.tus.ac.jp (8.14.4/8.14.4) with ESMTP id p6GIZsLV050009 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Sun, 17 Jul 2011 03:36:04 +0900 (JST) (envelope-from hrs@FreeBSD.org) Received: from localhost (localhost [IPv6:::1]) (authenticated bits=0) by alph.allbsd.org (8.14.4/8.14.4) with ESMTP id p6GIZlQI069574; Sun, 17 Jul 2011 03:35:53 +0900 (JST) (envelope-from hrs@FreeBSD.org) Date: Sun, 17 Jul 2011 03:35:37 +0900 (JST) Message-Id: <20110717.033537.180999432921199548.hrs@allbsd.org> To: kevlo@kevlo.org From: Hiroki Sato In-Reply-To: <1310623300.37158.8.camel@srgsec> References: <1310623300.37158.8.camel@srgsec> X-PGPkey-fingerprint: BDB3 443F A5DD B3D0 A530 FFD7 4F2C D3D8 2793 CF2D X-Mailer: Mew version 6.3 on Emacs 23.1 / Mule 6.0 (HANACHIRUSATO) Mime-Version: 1.0 Content-Type: Multipart/Signed; protocol="application/pgp-signature"; micalg=pgp-sha1; boundary="--Security_Multipart0(Sun_Jul_17_03_35_37_2011_849)--" Content-Transfer-Encoding: 7bit X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.2.5 (mail.vlsi.ee.noda.tus.ac.jp [133.31.107.40]); Sun, 17 Jul 2011 03:36:05 +0900 (JST) X-Spam-Status: No, score=3.0 required=14.0 tests=BAYES_50, CONTENT_TYPE_PRESENT, QENCPTR2,RCVD_IN_RP_RNBL,SPF_SOFTFAIL,X_MAILER_PRESENT autolearn=no version=3.3.1 X-Spam-Level: ** X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on mail.vlsi.ee.noda.tus.ac.jp Cc: freebsd-rc@FreeBSD.org Subject: Re: [patch] /etc/rc.d/routing X-BeenThere: freebsd-rc@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion related to /etc/rc.d design and implementation." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 16 Jul 2011 18:36:12 -0000 ----Security_Multipart0(Sun_Jul_17_03_35_37_2011_849)-- Content-Type: Multipart/Mixed; boundary="--Next_Part(Sun_Jul_17_03_35_37_2011_750)--" Content-Transfer-Encoding: 7bit ----Next_Part(Sun_Jul_17_03_35_37_2011_750)-- Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit Kevin Lo wrote in <1310623300.37158.8.camel@srgsec>: ke> Hi, ke> ke> This patch removes "-n" from the echo. ke> ke> without the patch: ke> Additional routing options: IPv4 gateway=YESadd net ::ffff:0.0.0.0: ke> gateway ::1 ke> add net ::0.0.0.0: gateway ::1 ke> add net fe80::: gateway ::1 ke> add net ff02::: gateway ::1 ke> . ke> ke> with the patch: ke> Additional routing options: IPv4 gateway=YES ke> add net ::ffff:0.0.0.0: gateway ::1 ke> add net ::0.0.0.0: gateway ::1 ke> add net fe80::: gateway ::1 ke> add net ff02::: gateway ::1 ke> ke> dougb@ doesn't see any problem. Per his request, send it to rc@ to be ke> sure. ke> ke> Index: routing ke> =================================================================== ke> --- routing (revision 223907) ke> +++ routing (working copy) ke> @@ -287,7 +287,7 @@ ke> ke> if checkyesno gateway_enable; then ke> ropts_init ke> - echo -n ' IPv4 gateway=YES' ke> + echo ' IPv4 gateway=YES' ke> ${SYSCTL} net.inet.ip.forwarding=1 > /dev/null ke> else ke> ${SYSCTL} net.inet.ip.forwarding=0 > /dev/null ke> @@ -322,7 +322,7 @@ ke> { ke> if checkyesno ipv6_gateway_enable; then ke> ropts_init ke> - echo -n ' IPv6 gateway=YES' ke> + echo ' IPv6 gateway=YES' ke> ${SYSCTL} net.inet6.ip6.forwarding=1 > /dev/null ke> else ke> ${SYSCTL} net.inet6.ip6.forwarding=0 > /dev/null This change is inconsistent and does not work for other combinations of the options. The cause of the ugly output is that adding routes and applying routing options are done in order in a per-AF basis, but the "Additional routing options..." line is displayed only once. What do you think about the attached change? -- Hiroki ----Next_Part(Sun_Jul_17_03_35_37_2011_750)-- Content-Type: Text/X-Patch; charset=us-ascii Content-Transfer-Encoding: 7bit Content-Disposition: inline; filename="etc_routing.20110716.diff" Index: routing =================================================================== --- routing (revision 224105) +++ routing (working copy) @@ -250,19 +250,22 @@ { } -_ropts_initdone= ropts_init() { - if [ -z "${_ropts_initdone}" ]; then - echo -n 'Additional routing options:' - _ropts_initdone=yes + local _i + + eval _i=\${_ropts_initdone_$1} + if [ -z "$_i" ]; then + echo -n "Additional routing options for $1:" + eval _ropts_initdone_$1=yes fi } options_inet() { + _ropts_initdone_inet= if checkyesno icmp_bmcastecho; then - ropts_init + ropts_init inet echo -n ' broadcast ping responses=YES' ${SYSCTL} net.inet.icmp.bmcastecho=1 > /dev/null else @@ -270,7 +273,7 @@ fi if checkyesno icmp_drop_redirect; then - ropts_init + ropts_init inet echo -n ' ignore ICMP redirect=YES' ${SYSCTL} net.inet.icmp.drop_redirect=1 > /dev/null else @@ -278,7 +281,7 @@ fi if checkyesno icmp_log_redirect; then - ropts_init + ropts_init inet echo -n ' log ICMP redirect=YES' ${SYSCTL} net.inet.icmp.log_redirect=1 > /dev/null else @@ -286,15 +289,15 @@ fi if checkyesno gateway_enable; then - ropts_init - echo ' IPv4 gateway=YES' + ropts_init inet + echo -n ' IPv4 gateway=YES' ${SYSCTL} net.inet.ip.forwarding=1 > /dev/null else ${SYSCTL} net.inet.ip.forwarding=0 > /dev/null fi if checkyesno forward_sourceroute; then - ropts_init + ropts_init inet echo -n ' do source routing=YES' ${SYSCTL} net.inet.ip.sourceroute=1 > /dev/null else @@ -302,7 +305,7 @@ fi if checkyesno accept_sourceroute; then - ropts_init + ropts_init inet echo -n ' accept source routing=YES' ${SYSCTL} net.inet.ip.accept_sourceroute=1 > /dev/null else @@ -310,7 +313,7 @@ fi if checkyesno arpproxy_all; then - ropts_init + ropts_init inet echo -n ' ARP proxyall=YES' ${SYSCTL} net.link.ether.inet.proxyall=1 > /dev/null else @@ -320,9 +323,10 @@ options_inet6() { + _ropts_initdone_inet6= if checkyesno ipv6_gateway_enable; then - ropts_init - echo ' IPv6 gateway=YES' + ropts_init inet6 + echo -n ' IPv6 gateway=YES' ${SYSCTL} net.inet6.ip6.forwarding=1 > /dev/null else ${SYSCTL} net.inet6.ip6.forwarding=0 > /dev/null @@ -335,8 +339,9 @@ options_ipx() { + _ropts_initdone_ipx= if checkyesno ipxgateway_enable; then - ropts_init + ropts_init ipx echo -n ' IPX gateway=YES' ${SYSCTL} net.ipx.ipx.ipxforwarding=1 > /dev/null else ----Next_Part(Sun_Jul_17_03_35_37_2011_750)---- ----Security_Multipart0(Sun_Jul_17_03_35_37_2011_849)-- Content-Type: application/pgp-signature Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (FreeBSD) iEYEABECAAYFAk4h2fkACgkQTyzT2CeTzy1wxACfWk1/uv6Makj/ONZjzxo0hsss THAAn3wU7MepRZVXvfQDnIGNl4Xbdc62 =GHE7 -----END PGP SIGNATURE----- ----Security_Multipart0(Sun_Jul_17_03_35_37_2011_849)----