From owner-freebsd-stable@FreeBSD.ORG  Thu Dec 21 19:53:28 2006
Return-Path: <owner-freebsd-stable@FreeBSD.ORG>
X-Original-To: stable@freebsd.org
Delivered-To: freebsd-stable@FreeBSD.ORG
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id 6929A16A40F
	for <stable@freebsd.org>; Thu, 21 Dec 2006 19:53:28 +0000 (UTC)
	(envelope-from V.Haisman@sh.cvut.cz)
Received: from service.sh.cvut.cz (service.sh.cvut.cz [147.32.127.214])
	by mx1.freebsd.org (Postfix) with ESMTP id E36C913C465
	for <stable@freebsd.org>; Thu, 21 Dec 2006 19:53:27 +0000 (UTC)
	(envelope-from V.Haisman@sh.cvut.cz)
Received: from localhost (localhost [127.0.0.1])
	by service.sh.cvut.cz (Postfix) with ESMTP id CA4711A3375;
	Thu, 21 Dec 2006 20:53:26 +0100 (CET)
Received: from service.sh.cvut.cz ([127.0.0.1])
	by localhost (service [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id 31550-09; Thu, 21 Dec 2006 20:53:15 +0100 (CET)
Received: from logout.sh.cvut.cz (logout.sh.cvut.cz [147.32.127.203])
	by service.sh.cvut.cz (Postfix) with ESMTP id E42841A3380;
	Thu, 21 Dec 2006 20:53:15 +0100 (CET)
Received: from [192.168.1.2] (localhost [127.0.0.1])
	by logout.sh.cvut.cz (Postfix) with ESMTP id 2055461C2F;
	Thu, 21 Dec 2006 20:53:15 +0100 (CET)
Message-ID: <458AE623.4070701@sh.cvut.cz>
Date: Thu, 21 Dec 2006 20:53:07 +0100
From: =?UTF-8?B?VsOhY2xhdiBIYWlzbWFu?= <V.Haisman@sh.cvut.cz>
User-Agent: Thunderbird 1.5.0.9 (Windows/20061207)
MIME-Version: 1.0
To: Kevin Downey <redchin@gmail.com>
References: <458AD815.3010601@sh.cvut.cz>
	<1d3ed48c0612211144s631e2cendbfcfb6acfae9ef1@mail.gmail.com>
In-Reply-To: <1d3ed48c0612211144s631e2cendbfcfb6acfae9ef1@mail.gmail.com>
X-Enigmail-Version: 0.94.1.2
OpenPGP: id=733031B4
Face: iVBORw0KGgoAAAANSUhEUgAAADAAAAAwBAMAAAClLOS0AAAAMFBMVEUnMzWJm5S+0864pn5r
	blp/hnW2up7X7uqftbNRVUrW1LGBdGfHwJqPi3ScoYtBQzhDxGEwAAAAB3RJTUUH1QoQDDgyQtx8
	HQAAAkNJREFUeJzFU0toU0EUPYu66CpGdCUUmoUJkpUDQUoNBVEUrBJsq1Ki2EIKIUZ8mydBhYi0
	wVUXJVCLCrFN4DIEQdxIqdBIFsMkWD9YJClCRGKjJaviynjfe8RPogtXPcObuXPOPXd+PHj+Aeyo
	QNmobGLXVeANGM+GsP0B2yqHHNVoCD2LwLglVGZx7yXSlADR0uZu9C4Bpy3hUxPvH/cuUw6UoPCL
	h64I8KAJuMpwRU8uUMJy0OIpHVeXmulZoCc/t0LlTbJLEY1EudPRcnVjgAP5Osdl4K5HVP4+2bAI
	okaUA0Iq6Q59+Zy2eMWN6EpFTsa3+uD1+JKj4TPHuYTSMaLScLAaqk94YJqG4ds30hojOVgYoNJc
	NTztNU2TBYbhu9Aafnq08ORja37da1NwBrN/b7NVEc+b8yecuYkp08vNvLYneVZRaSH1vS0UnfHm
	OUPzWaZufHPmCWSdWrfeGVQQKmcsO4If8pAdXJ/xF4QQAeOVY1AQQcfirwkLUWeWVTgi6vaGt2xe
	BGzBEIMQorru8RxgPqY1V6uxYnwVBRZEI1ytCm3dE8mC2DgcbzCJGHdBEVDKuWDSwsrSGoqzJmNt
	2jJpNueIH0qS8/0JrDKnVBdvOzIsdVr4zaX9dn9xcLLKdCtQGfutVacLE9Ja+yfbDvO4aMWrklfK
	/JYv15C8Kw9S10kup5Bys0N1bLdcn4HvTl/Xlh6Fpllwj5/XpH9BUXn/ym0Dvv7Rt2MywojpYiSi
	i7Hsscaa19zZ//y/hR+BT/ns80nmJAAAAABJRU5ErkJggg==
Content-Type: multipart/signed; micalg=pgp-sha1;
	protocol="application/pgp-signature";
	boundary="------------enig1133DA6E086832C52DBC255E"
X-Virus-Scanned: by amavisd-new at sh.cvut.cz
X-Spam-Status: No, hits=-5.9 tagged_above=-255.0 required=5.0
	tests=ALL_TRUSTED, BAYES_00, NORMAL_HTTP_TO_IP
X-Spam-Level: 
Cc: stable@freebsd.org
Subject: Re: Duplicate IPFW rules
X-BeenThere: freebsd-stable@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Production branch of FreeBSD source code <freebsd-stable.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>, 
	<mailto:freebsd-stable-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-stable>
List-Post: <mailto:freebsd-stable@freebsd.org>
List-Help: <mailto:freebsd-stable-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>,
	<mailto:freebsd-stable-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 21 Dec 2006 19:53:28 -0000

This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--------------enig1133DA6E086832C52DBC255E
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable



Kevin Downey wrote, On 21.12.2006 20:44:
>=20
>=20
> On 12/21/06, *V=C3=A1clav Haisman* <V.Haisman@sh.cvut.cz
> <mailto:V.Haisman@sh.cvut.cz>> wrote:
>=20
>     Hi,
>     I have just noticed that ipfw list shows one rule twice. It could b=
e
>     that I
>     have run a script that adds it twice:
>=20
>     shell::root:~> ipfw list
>     00100 allow ip from any to any via lo0
>     00200 deny ip from any to 127.0.0.0/8 <http://127.0.0.0/8>
>     00300 deny ip from 127.0.0.0/8 <http://127.0.0.0/8> to any
>     01999 deny ip from table(1) to any
>     01999 deny ip from table(1) to any
>     65000 allow ip from any to any
>     65535 allow ip from any to any
>=20
>     Shouldn't IPFW check before adding the same rule number again?
>=20
>     This is FreeBSD 6.1 RC1 with quite recent kernel.
>=20
>     --
>     Vaclav Haisman
>=20
>=20
>=20
>=20
> its a feature, not a bug.
>=20
Huh, really? How is it useful? Please, explain.

--
VH


--------------enig1133DA6E086832C52DBC255E
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iQEVAwUBRYrmKkNOZDESBK8FAQL5UAf+N5iKQzmh5ffkQfin2Tl+D2y81dvggs2Z
/i1f+VL/b8Lsp0AvzzKZ4RlAHkEuNKDo77ykxEs0buynNbXAAATeJkgfFtyyg5F+
STfKeV3jRFLHddShb1RsCMhMYWuUNaL4DoTQk4YIWB02dJk+8VKpWiwya4cu3/rF
x/M1HtytbsNYRjt1T9JA6Br4uK0AQ46VcncuO26Uvd6ub+JrYaJmuyVnClDfg988
FimJQQNEaslGvJx4c9CaR2GqGKYlQsv+gdETk+BrLl/mDUMnlj+ReYg1iiA/4++e
yIF3ELkZbtZoQ2RFtfU8/X5Mfm2LfJAqayxKVyjFbNzWkRuwaFxsgQ==
=gIwR
-----END PGP SIGNATURE-----

--------------enig1133DA6E086832C52DBC255E--