Date: Wed, 6 Aug 1997 01:41:14 +0300 (EEST) From: Heikki Suonsivu <hsu@mail.clinet.fi> To: FreeBSD-gnats-submit@FreeBSD.ORG Subject: bin/4231: ipfw no more returns error when deleting non-existent rule Message-ID: <199708052241.BAA24474@katiska.clinet.fi> Resent-Message-ID: <199708052250.PAA10365@hub.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 4231 >Category: bin >Synopsis: ipfw no more returns error when deleting non-existent rule >Confidential: no >Severity: serious >Priority: high >Responsible: freebsd-bugs >State: open >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Tue Aug 5 15:50:00 PDT 1997 >Last-Modified: >Originator: Heikki Suonsivu >Organization: Clinet, Espoo, Finland >Release: FreeBSD 2.2-STABLE i386 >Environment: 2.2-STABLE (probably also in current). >Description: ipfw command no more returns exit 1 when deleting non-existant rule, even though it still gives an error message. >How-To-Repeat: To test, do while ipfw delete 5123 do done and it will loop forever. We have used this in scripts which clean up and install new filters for various purposes, like filtering cyberpromo and friends. Bad, as these filters are usually also installed in local rc files and system won't get past them unless they are backgrounded. >Fix: I think this does the trick (not extensively tested, but its simple). It may be worth checking out ipfw.c for any other similar problems as it seems to have changed quite a bit when this bug was merged in ? Index: ipfw.c =================================================================== RCS file: /usr/CVS/src/sbin/ipfw/ipfw.c,v retrieving revision 1.34.2.5 diff -c -r1.34.2.5 ipfw.c *** ipfw.c 1997/06/23 22:34:24 1.34.2.5 --- ipfw.c 1997/08/05 22:26:07 *************** *** 713,718 **** --- 713,719 ---- { struct ip_fw rule; int i; + int success = 0; memset(&rule, 0, sizeof rule); *************** *** 722,730 **** while (ac && isdigit(**av)) { rule.fw_number = atoi(*av); av++; ac--; i = setsockopt(s, IPPROTO_IP, IP_FW_DEL, &rule, sizeof rule); ! if (i) ! warn("setsockopt(%s)", "IP_FW_DEL"); } } static void --- 723,734 ---- while (ac && isdigit(**av)) { rule.fw_number = atoi(*av); av++; ac--; i = setsockopt(s, IPPROTO_IP, IP_FW_DEL, &rule, sizeof rule); ! if (!i) ! success = 1; } + + if (!success) + err(1, "setsockopt(IP_FW_DEL)"); } static void >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199708052241.BAA24474>