Date: Mon, 22 Dec 2003 15:17:07 +0200 From: Peter Pentchev <roam@ringlet.net> To: hugle <hugle@vkt.lt> Cc: bug-followup@freebsd.org Subject: Re: BASH bug? Message-ID: <20031222131707.GB8641@straylight.m.ringlet.net> Resent-Message-ID: <20031222131726.GC8641@straylight.m.ringlet.net> In-Reply-To: <88144631939.20031222014343@vkt.lt> References: <88144631939.20031222014343@vkt.lt>
next in thread | previous in thread | raw e-mail | index | archive | help
--Y7xTucakfITjPcLV Content-Type: text/plain; charset=windows-1251 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, Dec 22, 2003 at 01:43:43AM -0800, hugle wrote: > Hello all. > I have a little problem in here. > Actulay i think, that bash doesn't count good, If the problem was counting, then it wouldn't be bash anyway - the 'wc' utility that you are using to count the lines is not part of the shell, but rather part of the operating system (FreeBSD) - it's a separate executable, /usr/bin/wc. > look: >=20 > cat bin/users | wc -l > 1877 > so the file contains 1877 lines >=20 > cat bin/users: > #!/bin/sh > /sbin/ipfw -q delete 2001 >/dev/null 2>&1 & > /sbin/ipfw -q add 2001 count ip from 192.168.0.1 to not me in via fxp0 >/= dev/null 2>&1 & [snip] > /sbin/ipfw -q delete 2938 >/dev/null 2>&1 & > /sbin/ipfw -q add 2938 count ip from not me to 192.168.5.99 out via fxp0 = >/dev/null 2>&1 & >=20 > so I should have 938 rules in my firewall. > 938 * 2=3D1876 + 1 =3D 1877 lines in the script (1 rule for delete rule > and one for add rule + rule at the top '#!/bin/sh') Right so far. > but when adding this rules to the ipfw ruleset i have: > ipfw show 2000-2938 | wc -l > 809 Now here's a stupid question: is there a reason that you execute each of the ipfw commands in the script *in the background* (the & at the end)? It is quite possible that when you tell bash to execute 1876 jobs in the background, and when bash tells the FreeBSD kernel to execute 1876 jobs at the same time, without waiting for the previous one to complete, that's just what happens: some of the jobs are executed *before* the ones preceding them. What would happen if, say, the 'ipfw delete 2010' job was delayed sufficiently that the 'ipfw add 2010 ...' command completes beforehand? The 'ipfw delete 2010' would remove the *new* 2010 rule, and you will not have a 2010 rule in your ruleset afterwards. So a simple solution: try removing the '&' at the end of each line - matter of fact, I personally don't see a real reason why it should do you any good at all; the only thing it *could* do is interfere with the order of operations so as to actually make the script *not* do what you want :) G'luck, Peter --=20 Peter Pentchev roam@ringlet.net roam@sbnd.net roam@FreeBSD.org PGP key: http://people.FreeBSD.org/~roam/roam.key.asc Key fingerprint FDBA FD79 C26F 3C51 C95E DF9E ED18 B68D 1619 4553 If the meanings of 'true' and 'false' were switched, then this sentence wou= ldn't be false. --Y7xTucakfITjPcLV Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (FreeBSD) iD8DBQE/5u7T7Ri2jRYZRVMRAiNMAJ9Xl9TqoGVVGEE9jfPwJPxK7KyukACfRjuh 8GX8a6bbKHnBWAkb/sGMSyA= =Chjr -----END PGP SIGNATURE----- --Y7xTucakfITjPcLV--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20031222131707.GB8641>