Date: Wed, 30 Nov 2005 10:54:03 +0300 (MSK) From: Vasily Korytov <deskpot@dot.aerodome.ru> To: FreeBSD-gnats-submit@FreeBSD.org Subject: misc/89789: [patch] 500.ipfwdenied uses deprecated syntax of ipfw Message-ID: <200511300754.jAU7s3Pd029304@bit.flexpro.ru> Resent-Message-ID: <200512010940.jB19e2Ih079616@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 89789
>Category: misc
>Synopsis: 500.ipfwdenied uses deprecated syntax of ipfw
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Thu Dec 01 09:40:02 GMT 2005
>Closed-Date:
>Last-Modified:
>Originator: Vasily Korytov
>Release: FreeBSD 6.0-STABLE i386
>Organization:
Good morning, Jah!
>Environment:
System: FreeBSD bit.flexpro.ru 6.0-STABLE FreeBSD 6.0-STABLE #0: Mon Nov 28 13:52:35 MSK 2005 root@bit.flexpro.ru:/usr/src/sys/i386/compile/HUB i386
FreeBSD 6-STABLE on i386 since 6.0-RELEASE up to the 27-11-05 snapshot.
>Description:
/etc/periodic/security/500.ipfwdenied issues a warning:
ipfw: DEPRECATED: 'l' matched 'list' as a sub-string
>How-To-Repeat:
Install a 6.0 system, enable ipfw and don't set the
daily_status_security_ipfwdenied_enable="NO" in /etc/periodic.conf.
In the first root security output, you'll see the warning.
>Fix:
Patch is included:
--- /etc/periodic/security/500.ipfwdenied~ Sun May 8 11:05:12 2005
+++ /etc/periodic/security/500.ipfwdenied Wed Nov 30 10:41:32 2005
@@ -42,7 +42,7 @@
case "$daily_status_security_ipfwdenied_enable" in
[Yy][Ee][Ss])
TMP=`mktemp -t security`
- if ipfw -a l 2>/dev/null | egrep "deny|reset|unreach" > ${TMP}; then
+ if ipfw -a list 2>/dev/null | egrep "deny|reset|unreach" > ${TMP}; then
check_diff new_only ipfw ${TMP} "${host} ipfw denied packets:"
fi
rc=$?
>Release-Note:
>Audit-Trail:
>Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200511300754.jAU7s3Pd029304>