Date: Mon, 1 Aug 2016 19:28:33 +1000 (EST) From: Ian Smith <smithi@nimnet.asn.au> To: Kevin Oberman <rkoberman@gmail.com> Cc: FreeBSD-STABLE Mailing List <freebsd-stable@freebsd.org>, freebsd-ipfw@freebsd.org Subject: Re: Significant missing item in 11.0 release notes Message-ID: <20160801191550.J29054@sola.nimnet.asn.au> In-Reply-To: <CAN6yY1t4CoG1DSN1bJJTfUxjQJxWR=k0Lr3gx0v0Wvu=LmMhpw@mail.gmail.com> References: <CAN6yY1t4CoG1DSN1bJJTfUxjQJxWR=k0Lr3gx0v0Wvu=LmMhpw@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, 31 Jul 2016 12:28:06 -0700, Kevin Oberman wrote: > This morning I updated my min user system from 10.3-Stable to 11.0-BETA3. > In general, things went well, but I had two issues that prevented the > network from operating. the first is a lack of documentation in the Release > Notes and the second is a driver issue. Since they are in no way related, > I'll send the report of the driver issue later. > > I use ipfw(8) tables in my firewall configuration. Unfortunately, 11.0 has > introduced a totally re-worked tables structure. The new structure is > awesome and I read about it at the time the changes were being planned and > implemented, but had forgotten. As a result the very first line in my > configuration, "table 1 flush" was no longer valid and the remainder of the > file was ignored. > > I assumed that I had missed this in the release notes, but I can find no > reference to this significant change that simultaneously greatly enhanced > ipfw table functionality, but also broke my configuration. While the fix > was trivial, if the Release Notes had addressed this, I would not have had > the problem in the first place. I don't see this as a Release Notes issue - though I guess it will be if it cannot be quickly fixed before 11.0-RELEASE - but as a very serious and - as far as I know - unreported regression in ipfw(8). In 18 years I cannot recall any addition of features, or additional options for existing features, that caused any breakage of existing rulesets. What on earth could be invalid about "table 1 flush"? cc'ing ipfw@, which is most likely where this should be discussed .. cheers, Ian
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20160801191550.J29054>