From owner-freebsd-ipfw@freebsd.org Sun Aug 14 12:04:41 2016 Return-Path: Delivered-To: freebsd-ipfw@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 985EEBB86A9 for ; Sun, 14 Aug 2016 12:04:41 +0000 (UTC) (envelope-from lev@FreeBSD.org) Received: from onlyone.friendlyhosting.spb.ru (onlyone.friendlyhosting.spb.ru [148.251.9.81]) by mx1.freebsd.org (Postfix) with ESMTP id 62DD61C7F; Sun, 14 Aug 2016 12:04:41 +0000 (UTC) (envelope-from lev@FreeBSD.org) Received: from lion.home.serebryakov.spb.ru (unknown [IPv6:2001:470:923f:1:e0f4:994:662:862]) (Authenticated sender: lev@serebryakov.spb.ru) by onlyone.friendlyhosting.spb.ru (Postfix) with ESMTPSA id 859E3C6D; Sun, 14 Aug 2016 15:04:33 +0300 (MSK) Date: Sun, 14 Aug 2016 15:04:35 +0300 From: Lev Serebryakov Reply-To: Lev Serebryakov Organization: FreeBSD X-Priority: 3 (Normal) Message-ID: <116739308.20160814150429@serebryakov.spb.ru> To: ae@FreeBSD.org CC: freebsd-ipfw@freebsd.org Subject: names for limit states? MIME-Version: 1.0 Content-Type: multipart/signed; protocol="application/pgp-signature"; micalg="pgp-sha512"; boundary="----------01311205016469DF0" X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 14 Aug 2016 12:04:41 -0000 ------------01311205016469DF0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: base64 SGVsbG8gQWUsDQoNCiBMb29rcyBsaWtlIHlvdSBkaWRuJ3QgYWRkIG5hbWVzIHN1cHBvcnQg Zm9yIHN0YXRlcyB3aXRoIGxpbWl0cz8gV2h5Pw0KDQotLSANCkJlc3QgcmVnYXJkcywNCiBM ZXYgICAgICAgICAgICAgICAgICAgICAgICAgIG1haWx0bzpsZXZARnJlZUJTRC5vcmc= ------------01311205016469DF0 Content-Type: application/pgp-signature -----BEGIN PGP MESSAGE----- Version: GnuPG v2.0.22 (MingW32) iQJ8BAEBCgBmBQJXsF5TXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRGOTZEMUNBMEI1RjQzMThCNjc0QjMzMEFF QUIwM0M1OEJGREM0NzhGAAoJEOqwPFi/3EePTjMP/itvu8vHCgTeyRLly1mWp54l amgzvAiUCP1LkQmTMCfwjzpcqy/f5P8ulIvVi2472QltPvodp7nG9/3/OdDvPbmj jIXQgo5ih1QR83KSQAcWixIvnmW++0jKgmHqsYZQUhcphCC9WVC/u5ajVnVsWN7P G+ALL/yUafqUiBjSO1HF4KsMgXmhEhnsrKklfeZ61uyeG1DAxc1ktleOre2aBp2e 10zteN04Vkg74cvwJ4QmI2QUbKc7OMzClek22KpcSQev95VMtTOXa4OqzBz0RrhB yqmrNPojhJl3s2p+6ZOCkF+7s4Ti/pUIUPY/SfMBu+h0pkEPrwPSzka9GDhEk0Yg bONn+tNUbHX1mLpaWqoljSuco1VLlvEZ2qK+/vb8c7lUhn5ld3lZe8GQaEPNg9og Qvt1FWYCkpVH67CiPLtev3+C29cnLd6fNmLKNe3V+K6bDwqMkKVJxa3yB8Gm9iCv PDKOFnrLxIHN1SDbCmjFkI6KqZzBZGzA9RpX5zbSpt8xCYjnarr0XLhl0OeSy5L7 CCr9nTWb2i1OEBu+EUndfIFohyJ/3uIAdunsXENPKP6qGD7Z6J2I0nG7L/6lYR9S pkq6JjCET5iT0WG1f66bxZ6L+KtwCxyzJhmpF2QXF4qeHT2OKO+Wt1+POYbIaJcJ TmW6XuBqX/fWyBJnk01o =edm/ -----END PGP MESSAGE----- ------------01311205016469DF0-- From owner-freebsd-ipfw@freebsd.org Sun Aug 14 13:31:28 2016 Return-Path: Delivered-To: freebsd-ipfw@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id D5447BB90FE for ; Sun, 14 Aug 2016 13:31:28 +0000 (UTC) (envelope-from ae@FreeBSD.org) Received: from mx2.freebsd.org (mx2.freebsd.org [IPv6:2001:1900:2254:206a::19:2]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mx2.freebsd.org", Issuer "Gandi Standard SSL CA 2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id C2AA81670; Sun, 14 Aug 2016 13:31:28 +0000 (UTC) (envelope-from ae@FreeBSD.org) Received: from butcher-nb.yandex.net (freefall.freebsd.org [IPv6:2001:1900:2254:206c::16:87]) by mx2.freebsd.org (Postfix) with ESMTP id 45DD918FF; Sun, 14 Aug 2016 13:31:26 +0000 (UTC) (envelope-from ae@FreeBSD.org) Subject: Re: names for limit states? To: Lev Serebryakov References: <116739308.20160814150429@serebryakov.spb.ru> Cc: freebsd-ipfw@freebsd.org From: "Andrey V. Elsukov" Message-ID: <99e34881-e964-e559-f86e-b067b37adf4a@FreeBSD.org> Date: Sun, 14 Aug 2016 16:29:50 +0300 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:45.0) Gecko/20100101 Thunderbird/45.2.0 MIME-Version: 1.0 In-Reply-To: <116739308.20160814150429@serebryakov.spb.ru> Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="QlsvLUmhfjeoxbpvdN1JRtqXLcnnKHbWU" X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 14 Aug 2016 13:31:28 -0000 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --QlsvLUmhfjeoxbpvdN1JRtqXLcnnKHbWU Content-Type: multipart/mixed; boundary="6MP1iQO6eCh83wLx34rCGabOuSI90G04b" From: "Andrey V. Elsukov" To: Lev Serebryakov Cc: freebsd-ipfw@freebsd.org Message-ID: <99e34881-e964-e559-f86e-b067b37adf4a@FreeBSD.org> Subject: Re: names for limit states? References: <116739308.20160814150429@serebryakov.spb.ru> In-Reply-To: <116739308.20160814150429@serebryakov.spb.ru> --6MP1iQO6eCh83wLx34rCGabOuSI90G04b Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: quoted-printable On 14.08.16 15:04, Lev Serebryakov wrote: > Hello Ae, >=20 > Looks like you didn't add names support for states with limits? Why? For me it looks like I did that. Why would you think differently? :) --=20 WBR, Andrey V. Elsukov --6MP1iQO6eCh83wLx34rCGabOuSI90G04b-- --QlsvLUmhfjeoxbpvdN1JRtqXLcnnKHbWU Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQEsBAEBCAAWBQJXsHJODxxhZUBmcmVlYnNkLm9yZwAKCRABxeoEEMihelxLCACh cRziNqtaut+nggzSD7d4LnXueS+mFfjOjb3VXHx25dT4XlOtcTqge3uj160tVWzw uzNi8qNhZ3jom1lpvMqDC4qu1goxbY/P+sqO9RHsJDxhPUWIc4hF+GQZTRkTNJmJ +Cdt7UhflfzND7G9+thZNULFDiTV8/Tx99Kt3Eqk0xOcaD2V5xAi+68SFOfwJy5Z VWGCEJLnvIV8aDejB56h0SgGVKJqT11BOxB5huCEyLy/D4LZ47s0hIi+c6aWVxQ0 o22dnERMqT4TTxa4HoEGav4U0O/OAdaV5VyhOvMrW88CiXp6jvmyFgg3qPl6L0Ph i/7QWC+7RkOnFzPNHILR =eDux -----END PGP SIGNATURE----- --QlsvLUmhfjeoxbpvdN1JRtqXLcnnKHbWU-- From owner-freebsd-ipfw@freebsd.org Sun Aug 14 15:15:32 2016 Return-Path: Delivered-To: freebsd-ipfw@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 98C28BBAA23 for ; Sun, 14 Aug 2016 15:15:32 +0000 (UTC) (envelope-from rj@obsigna.com) Received: from mo6-p00-ob.smtp.rzone.de (mo6-p00-ob.smtp.rzone.de [IPv6:2a01:238:20a:202:5300::8]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "*.smtp.rzone.de", Issuer "TeleSec ServerPass DE-2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 3B22A14FD for ; Sun, 14 Aug 2016 15:15:31 +0000 (UTC) (envelope-from rj@obsigna.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; t=1471187727; l=748; s=domk; d=obsigna.com; h=Mime-Version:To:Date:Subject:Content-Transfer-Encoding:Content-Type: From; bh=KkK+hiD5QxkXHZiumcfrpzkHQkyaanPL3mLv0a7S8cg=; b=CMQlOygehH5tBDLLcqpak3mIv6FTidMjKR18XCj7epbXgbSwkJf7QTvDpK6sq6WTuzV AwWmQLncG0sPy+kfOvQkO02ThBZl3Ce1bm0F1KQDo/Jop/kkPvROqBYSwtYPkHfm1tKoy IUsdjHlg61Kq6wpIpAgkfRKFSJkH9Lvdvxg= X-RZG-AUTH: :O2kGeEG7b/pS1EK7WHa0hxqKZr4lnx6UhToX1IWHkW4X7v2ImaU2B+3KSGnPFnK+130WqUsw X-RZG-CLASS-ID: mo00 Received: from mail.obsigna.com (bfb6bd8b.virtua.com.br [191.182.189.139]) by smtp.strato.de (RZmta 38.13 DYNA|AUTH) with ESMTPSA id J0b00bs7EFFR0ti (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (curve secp521r1 with 521 ECDH bits, eq. 15360 bits RSA)) (Client did not present a certificate) for ; Sun, 14 Aug 2016 17:15:27 +0200 (CEST) Received: from rolf.projectworld.net (rolf.projectworld.net [192.168.222.25]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.obsigna.com (Postfix) with ESMTPSA id 5D733229861E for ; Sun, 14 Aug 2016 12:15:24 -0300 (BRT) From: "Dr. Rolf Jansen" Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: quoted-printable Subject: Notice on upcoming ipdbtools 1.1.1 Message-Id: Date: Sun, 14 Aug 2016 12:15:23 -0300 To: freebsd-ipfw@freebsd.org Mime-Version: 1.0 (Mac OS X Mail 9.3 \(3124\)) X-Mailer: Apple Mail (2.3124) X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 14 Aug 2016 15:15:32 -0000 As was noticed by the port maintainer, the initial release of ipdbtools = 1.1.0 into the ports did not compile on i386 systems because the lack of = the __uint128_t data type on 32bit systems, and which was used for IPv6 = computing. In the meantime, I rolled in the necessary uint128 comparison, shift and = basic arithmetic operations that provide the missing built-in = __uint128_t operations on 32bit systems. The 64bit targets x86-64 and = arm64 continue to utilize the built-in operations. The changes are ready on GitHub, and I will submit a changed port PR on = Monday (tomorrow) night, most of the post-mortem fixes since the initial = release are included -- I won't rename the tool 'ipup', though. Best regards Rolf From owner-freebsd-ipfw@freebsd.org Sun Aug 14 17:10:09 2016 Return-Path: Delivered-To: freebsd-ipfw@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 5B976BBA5B4 for ; Sun, 14 Aug 2016 17:10:09 +0000 (UTC) (envelope-from lev@FreeBSD.org) Received: from onlyone.friendlyhosting.spb.ru (onlyone.friendlyhosting.spb.ru [148.251.9.81]) by mx1.freebsd.org (Postfix) with ESMTP id 17C621F67; Sun, 14 Aug 2016 17:10:09 +0000 (UTC) (envelope-from lev@FreeBSD.org) Received: from lion.home.serebryakov.spb.ru (unknown [IPv6:2001:470:923f:1:e0f4:994:662:862]) (Authenticated sender: lev@serebryakov.spb.ru) by onlyone.friendlyhosting.spb.ru (Postfix) with ESMTPSA id AE2B9CA0; Sun, 14 Aug 2016 20:10:06 +0300 (MSK) Date: Sun, 14 Aug 2016 20:10:09 +0300 From: Lev Serebryakov Reply-To: Lev Serebryakov Organization: FreeBSD X-Priority: 3 (Normal) Message-ID: <1424866278.20160814201003@serebryakov.spb.ru> To: "Andrey V. Elsukov" CC: freebsd-ipfw@freebsd.org Subject: Re: names for limit states? In-Reply-To: <99e34881-e964-e559-f86e-b067b37adf4a@FreeBSD.org> References: <116739308.20160814150429@serebryakov.spb.ru> <99e34881-e964-e559-f86e-b067b37adf4a@FreeBSD.org> MIME-Version: 1.0 Content-Type: multipart/signed; protocol="application/pgp-signature"; micalg="pgp-sha512"; boundary="----------0C00841B621687CC7" X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 14 Aug 2016 17:10:09 -0000 ------------0C00841B621687CC7 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: base64 SGVsbG8gQW5kcmV5LA0KDQpTdW5kYXksIEF1Z3VzdCAxNCwgMjAxNiwgNDoyOTo1MCBQTSwg eW91IHdyb3RlOg0KDQo+PiAgTG9va3MgbGlrZSB5b3UgZGlkbid0IGFkZCBuYW1lcyBzdXBw b3J0IGZvciBzdGF0ZXMgd2l0aCBsaW1pdHM/IFdoeT8NCj4gRm9yIG1lIGl0IGxvb2tzIGxp a2UgSSBkaWQgdGhhdC4gV2h5IHdvdWxkIHlvdSB0aGluayBkaWZmZXJlbnRseT8gOikNCiBC ZWNhdXNlIEkgbmVlZCB0byByZWFkIGNvZGUgYmV0dGVyLCBzb3JyeSENCg0KLS0gDQpCZXN0 IHJlZ2FyZHMsDQogTGV2ICAgICAgICAgICAgICAgICAgICAgICAgICAgIG1haWx0bzpsZXZA RnJlZUJTRC5vcmc= ------------0C00841B621687CC7 Content-Type: application/pgp-signature -----BEGIN PGP MESSAGE----- Version: GnuPG v2.0.22 (MingW32) iQJ8BAEBCgBmBQJXsKXxXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRGOTZEMUNBMEI1RjQzMThCNjc0QjMzMEFF QUIwM0M1OEJGREM0NzhGAAoJEOqwPFi/3EePPSIP/2cwvhOY26jQCdkVVx0V7FDw dy2uwDl5yct1hIV1C1Q9PW84yD2yCNCl4fFDBBDx4wMW4rraZYZJMAj70v0KpOjP OYGYWszVZLz5ec1mvAKsqhZlqUJvCv3W4TmVWoh/bkyU/kI8j1CUriLVW8CgQIVN 8xTML+HhXTdNJSi3KBFTqmnepjijWVgVpWRvxslMqnzmsJcpEPpZJ8/SmXXi+P9k t1oMgUOwnyqBjoGG+fwD5edH1OwjYSOFf7uWw01L3ydjaD0jcQFs24CsbZST99I3 UhJtPnLqLxVuD/cf2vE7w6R1AvZ+f6WyZZ5+0DPgtBywZQENtr6DTdo6OIEpPRWV GFxaOdq6TFsX4f3d/ZdhcJWrfBbK9I0IKSmdLJjD97WRsFM01+yMV/dw9cEMDdpt yyEuBSaYOLLpa9kGaEzNYnQCJJkZrySsoDu7lHO69wpvk3IG7WT1I9VIh0nhgIYN q9gM53A3LA+PIaNipvCc6ceIf4PpAfiL/+ihNy3ThkkN+PMVyoQ41AGy2FYU/4mR iuMLV8oj+1J9rIW2k8ike3JIM7i/W69Yppgj6gFHt0a9kiMbKJtIYCdze6H6Q549 ax8Hq4UkDty63zB02iF355PytJPKaYWEN7VCpYGcji8+UJX1OmVl3b27GV4ibC9R ajLuyE/12203PmGkqBUz =HSZi -----END PGP MESSAGE----- ------------0C00841B621687CC7-- From owner-freebsd-ipfw@freebsd.org Sun Aug 14 17:20:15 2016 Return-Path: Delivered-To: freebsd-ipfw@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 9A533BBA773 for ; Sun, 14 Aug 2016 17:20:15 +0000 (UTC) (envelope-from lev@FreeBSD.org) Received: from onlyone.friendlyhosting.spb.ru (onlyone.friendlyhosting.spb.ru [148.251.9.81]) by mx1.freebsd.org (Postfix) with ESMTP id 63B4514DD; Sun, 14 Aug 2016 17:20:15 +0000 (UTC) (envelope-from lev@FreeBSD.org) Received: from lion.home.serebryakov.spb.ru (unknown [IPv6:2001:470:923f:1:e0f4:994:662:862]) (Authenticated sender: lev@serebryakov.spb.ru) by onlyone.friendlyhosting.spb.ru (Postfix) with ESMTPSA id 0A82ACA4; Sun, 14 Aug 2016 20:20:13 +0300 (MSK) Date: Sun, 14 Aug 2016 20:20:16 +0300 From: Lev Serebryakov Reply-To: Lev Serebryakov Organization: FreeBSD X-Priority: 3 (Normal) Message-ID: <1812167147.20160814202008@serebryakov.spb.ru> To: freebsd-ipfw@freebsd.org CC: "Andrey V. Elsukov" Subject: Named states in ipfw MIME-Version: 1.0 Content-Type: multipart/signed; protocol="application/pgp-signature"; micalg="pgp-sha512"; boundary="----------03F16819A32E5D2C1" X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 14 Aug 2016 17:20:15 -0000 ------------03F16819A32E5D2C1 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: base64 SGVsbG8gRnJlZWJzZC1pcGZ3LA0KDQogSSd2ZSB0cmllZCBuZXcgYnVpbGQgb2YgMTItQ1VS UkVOVCAod2l0aCBuZXcgaXBmdyBmZWF0dXJlIG9mIG5hbWVkIHN0YXRlcyksDQp3aXRoIE9M RCBydWxlc2V0IGFuZCBJJ20gZGlzYXBwb2ludGVkIGJ5IHVzZXIgZXhwZXJpZW5jZS4NCg0K IE9sZCBydWxlc2V0IGNvbnRhaW5zIGEgbG90ICJrZWVwLXN0YXRlIiBhbmQgImNoZWNrLXN0 YXRlIiBzdGF0ZW1lbnRzIGFuZA0KYWxsIHRoaXMgIkFtYmlndW91cyBzdGF0ZSBuYW1lcyIg bm9pc2UgaXMsIHJlYWxseSwgbm9pc2UuIEl0IGxvb2tzDQpyaWRpY3Vsb3VzIHNvbWV0aW1l czoNCg0KMDAwMDAgZGVueSBpcCBmcm9tIGFueSB0byBhbnkgc3JjLWlwIHRhYmxlKGJhbnMp IC8vIEFuZCBpdCBzaG91bGQgbm90IGJlIGJhbm5lZA0KMTMwNDAgYWxsb3cgaXAgZnJvbSBh bnkgdG8gYW55IHNyYy1pcCAyMTYuNjYuODAuMjYgcHJvdG8gaXB2NiAvLyBJUHY2IHR1bm5l bGluZyB0aHJvdWdoIHRoaXMgaW50ZXJmYWNlDQoxMzA1MCBuYXQgMiBpcCBmcm9tIGFueSB0 byBhbnkgLy8gRGUtTkFUDQpMaW5lIDE1NTogQW1iaWd1b3VzIHN0YXRlIG5hbWUgJy8vJywg J2RlZmF1bHQnIHVzZWQgaW5zdGVhZC4NCjogTm8gZXJyb3I6IDANCjAwMDAwIGNoZWNrLXN0 YXRlIGRlZmF1bHQNCjEzMDcwIHNraXB0byAzMDAwMCBpcCBmcm9tIGFueSB0byBhbnkgLy8g QWxsb3dlZCBsb2NhbCBzZXJ2aWNlcyAtIGNvbW1vbiBibG9jaw0KDQogV2hhdCBkb2VzIHRo aXMgZXJyb3IgYWJvdXQgIi8vIiBtZWFucz8gUHJldmlvdXMgYW5kIG5leHQgcnVsZXMgZG9l c24ndA0KY29udGFpbiBzdGF0ZS1yZWxhdGVkIHRva2Vucy4gTG9va3MgbGlrZSwgZXJyb3Jz IGFyZSBvdXQtb2Ytc3luYyBmcm9tDQpjb21tYW5kcywgYW5kIGFsbCB0aGlzICI6IE5vIGVy cm9yOiAwIiAtLSBXVEY/IEFsc28sIGFsbCB0aGlzICJkZWZhdWx0IiBpbg0KImlwZncgc2hv dyIgb3V0cHV0IGlzIGp1c3Qgbm9pc2UsIHdoZW4gaGVyZSBhcmUgT05MWSBkZWZhdWx0IHN0 YXRlLg0KDQogTm93IEkgdGhpbmsgdGhhdCB0aGlzIHN5bnRheCBvZiBuYW1lZCBydWxlcyBp cyBub3QgZ29vZCBlbm91Z2ggdG8gd29yayB3aXRoDQpvbGQgcnVsZXNldHMuIEkgdGhpbmss IHNvbWV0aGluZyBsaWtlDQoNCiAga2VlcC1zdGF0ZShuYW1lKQ0KDQpvcg0KDQogIGtlZXAt c3RhdGUgOm5hbWUNCg0KIGNvdWxkIGJlIG11Y2ggYmV0dGVyLiBJbiBmaXJzdCBjYXNlLCBh bGwgdGhpcyAnKG5hbWUpJyBwYXJ0IG11c3QgYmUNCm9wdGlvbmFsLCBvZiBjb3Vyc2UuDQoN CiBBIHRvbiBvZiB1c2VsZXNzIGVycm9ycyAod2FybmluZ3M/KSBpbiBjYXNlIG9mICJvbGQt c3R5bGUiIHJ1bGVzZXQgbG9va3MNCnZlcnkgdWdseSwgSU1ITy4NCg0KLS0gDQpCZXN0IHJl Z2FyZHMsDQogTGV2ICAgICAgICAgICAgICAgICAgICAgICAgICBtYWlsdG86bGV2QEZyZWVC U0Qub3Jn ------------03F16819A32E5D2C1 Content-Type: application/pgp-signature -----BEGIN PGP MESSAGE----- Version: GnuPG v2.0.22 (MingW32) iQJ8BAEBCgBmBQJXsKhQXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRGOTZEMUNBMEI1RjQzMThCNjc0QjMzMEFF QUIwM0M1OEJGREM0NzhGAAoJEOqwPFi/3EePyJgQAJW83YGBuEeCvdnt6EyTKd0a 3yKk7bwOLZnRhILfGMzaCj/KpJ1+WTi0/EUQ70dz6rdY5wUgg/cxsRIeKi+pgnCN vggYjx9I8Rp++Q5Lub/pONlnSf6473BjydGCrxnhrDWwPJB4WirytjOV8yTeIWEt /CXeBEz9VH9yAZ0x5RYhAW7bx83TEhrSLaPbAx1g7POI6nyQRCLT8l5H3kpE2giJ 5+KAB/3peekykzGx1GHOKuBs1EJRdBuGMs9vBJ9jKtIy+GBZxFX4y0IaCZGN83QP xy7mRgxtrpntWZelTHR62hUhm2xBejpyEBFYOOjz9CACSxCebJ/9UQe1PY79IWmf /NcGAE8uH6qncmKPq81Y82+4OiTd7qKg4noSfO2igDg8L/anQRC5nTyPj7jsuHAw mpucAqwrZjegR4NKUVwE7hlOz4BDQx7xJ7zeGCM2xI21T314nhn/H7BuIvai0kiK pYiYvqgIbpUwJPN1a/TZvwBB4xpGzeDHIoUGpihWsU9OyXgmkDL60zitBg+PkUfY xBsOs+EiQmLjzGyyEaNwM4MQy4XECDVt1NoGqCMHkjsCo3C4DBWpQYlnwFis385g Y//8i8fzSBngYmcWfbIXed94Qe7MTeLWJWyHOsv3IGmVMMHrOoINvxyHU6M3nPDH LZZ09iMTXGcPiMWoyxRt =2mqC -----END PGP MESSAGE----- ------------03F16819A32E5D2C1-- From owner-freebsd-ipfw@freebsd.org Sun Aug 14 17:27:00 2016 Return-Path: Delivered-To: freebsd-ipfw@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id D6602BBA8BE for ; Sun, 14 Aug 2016 17:27:00 +0000 (UTC) (envelope-from lev@FreeBSD.org) Received: from onlyone.friendlyhosting.spb.ru (onlyone.friendlyhosting.spb.ru [148.251.9.81]) by mx1.freebsd.org (Postfix) with ESMTP id 9170817A6; Sun, 14 Aug 2016 17:27:00 +0000 (UTC) (envelope-from lev@FreeBSD.org) Received: from lion.home.serebryakov.spb.ru (unknown [IPv6:2001:470:923f:1:e0f4:994:662:862]) (Authenticated sender: lev@serebryakov.spb.ru) by onlyone.friendlyhosting.spb.ru (Postfix) with ESMTPSA id 58544CA6; Sun, 14 Aug 2016 20:26:59 +0300 (MSK) Date: Sun, 14 Aug 2016 20:27:02 +0300 From: Lev Serebryakov X-Priority: 3 (Normal) Message-ID: <1211733990.20160814202656@serebryakov.spb.ru> To: freebsd-ipfw@freebsd.org CC: "Andrey V. Elsukov" Subject: Named states in ipfw (and old rulesets) In-Reply-To: <1812167147.20160814202008@serebryakov.spb.ru> References: <1812167147.20160814202008@serebryakov.spb.ru> MIME-Version: 1.0 Content-Type: multipart/signed; protocol="application/pgp-signature"; micalg="pgp-sha512"; boundary="----------10008406E0A1D3734" X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 14 Aug 2016 17:27:00 -0000 ------------10008406E0A1D3734 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: base64 SGVsbG8gTGV2LA0KDQpTdW5kYXksIEF1Z3VzdCAxNCwgMjAxNiwgODoyMDoxNiBQTSwgeW91 IHdyb3RlOg0KDQo+IExpbmUgMTU1OiBBbWJpZ3VvdXMgc3RhdGUgbmFtZSAnLy8nLCAnZGVm YXVsdCcgdXNlZCBpbnN0ZWFkLg0KPiA6IE5vIGVycm9yOiAwDQo+IDAwMDAwIGNoZWNrLXN0 YXRlIGRlZmF1bHQNCiBPaywgcmVhbGx5IHRoaXMgb25lIGlzIChubyBydWxlIG51bWJlciwg SSdtIHJlbHkgb24gYXV0by1udW1iZXJpbmcpOg0KDQphZGQgbmF0IDIgICAgICAgICAvLyBE ZS1OQVQNCmFkZCBjaGVjay1zdGF0ZSAgIC8vIE1ha2UgdGhpbmdzIGZhc3Rlcg0KYWRkIHNr aXB0byAzMDAwMCAgLy8gQWxsb3dlZCBsb2NhbCBzZXJ2aWNlcyAtIGNvbW1vbiBibG9jaw0K DQpCdXQgbG9va3MgbGlrZSwgdGhhdCBjb21tZW50IGlzIGxvc3QgaGVyZSwgaGVyZSBpcyBv dXRwdXQgb2YgImlwZncgc2hvdyINCmFmdGVyIGJvb3Q6DQoNCjEzMDUwICAgICAwICAgICAg IDAgbmF0IDIgaXAgZnJvbSBhbnkgdG8gYW55IC8vIERlLU5BVA0KMTMwNjAgICAgIDAgICAg ICAgMCBjaGVjay1zdGF0ZSBkZWZhdWx0DQoxMzA3MCAgICAgMCAgICAgICAwIHNraXB0byAz MDAwMCBpcCBmcm9tIGFueSB0byBhbnkgLy8gQWxsb3dlZCBsb2NhbCBzZXJ2aWNlcyAtIGNv bW1vbiBibG9jaw0KDQogU28sIHllcywgY29tbWVudCBpcyBsb3N0IQ0KDQotLSANCkJlc3Qg cmVnYXJkcywNCiBMZXYgICAgICAgICAgICAgICAgICAgICAgICAgICAgbWFpbHRvOmxldkBz ZXJlYnJ5YWtvdi5zcGIucnU= ------------10008406E0A1D3734 Content-Type: application/pgp-signature -----BEGIN PGP MESSAGE----- Version: GnuPG v2.0.22 (MingW32) iQJ8BAEBCgBmBQJXsKnlXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRGOTZEMUNBMEI1RjQzMThCNjc0QjMzMEFF QUIwM0M1OEJGREM0NzhGAAoJEOqwPFi/3EePB4YP/Rv65A7CUIN8rCMXvCrxYwam 2H5mx90AssEAjOamebjkNGJ2Tb5qmNOcbQs/mgTXJG35ColzIU0dbN+tY3TfNaxu lA1e6f9C1psNpNvTfZm50M03BjtuUplcDvuJQV0m2AmN2Qjf1JVlThAvxYxV1Ks4 triyo2DuxkvtOIusxaYCw8ra5gl23b6uekfUf9q9miWFVh3lsliWnQUxyisjehsP 9BNLuYe0eDKVFGFfWSLE4H6PSAJUtBtJ5ML2mle+fzMdsCf/LhBvg5sY9uFaDajf wBtCzhiiPOJ1eesJWA5RTss4TeugLXKA4o0wrOBOm31hs/mGt6d0J9vDLsby/CRn As8Xt2bf/O1D3WN+zHgrV7aXoG01XB8fF07yUaF19r+B3RgsLuDGc2C1ngFLsLey LoWtDH5qGS6+aLYGczpdY947k3rJstvn2QSL+efqzD4x0B76IQWBDLBBHUL1r4Jd 09catytdPWw4seWO18YMFp6jLzahP7/nrV95tG95P+bS49PtIz9NIDCvr24QrONj rddUxcdp+jYALuIL/XNfBqQmYq6BvNKG6vo7flYLPavJFwpaYnkwrsZPz4Iy9qO9 t9qWDmLUemn32lOtUQ76PzL385S4uxa7GohOjox/GzHyuKevIEVCrJBLACVGmceR S4ORYk5usODL56tIxJ+C =8ZKs -----END PGP MESSAGE----- ------------10008406E0A1D3734-- From owner-freebsd-ipfw@freebsd.org Sun Aug 14 17:44:17 2016 Return-Path: Delivered-To: freebsd-ipfw@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 0B7A6BBAB8D for ; Sun, 14 Aug 2016 17:44:17 +0000 (UTC) (envelope-from lev@FreeBSD.org) Received: from onlyone.friendlyhosting.spb.ru (onlyone.friendlyhosting.spb.ru [148.251.9.81]) by mx1.freebsd.org (Postfix) with ESMTP id 8F3B61D6D for ; Sun, 14 Aug 2016 17:44:16 +0000 (UTC) (envelope-from lev@FreeBSD.org) Received: from lion.home.serebryakov.spb.ru (unknown [IPv6:2001:470:923f:1:e0f4:994:662:862]) (Authenticated sender: lev@serebryakov.spb.ru) by onlyone.friendlyhosting.spb.ru (Postfix) with ESMTPSA id 62A0ACA8 for ; Sun, 14 Aug 2016 20:44:15 +0300 (MSK) Date: Sun, 14 Aug 2016 20:44:18 +0300 From: Lev Serebryakov Organization: FreeBSD X-Priority: 3 (Normal) Message-ID: <792926564.20160814204412@serebryakov.spb.ru> To: freebsd-ipfw@freebsd.org Subject: Auto-numbered rules with state or table opcodes are printed-out as ""number 00000" on addition In-Reply-To: <1211733990.20160814202656@serebryakov.spb.ru> References: <1812167147.20160814202008@serebryakov.spb.ru> <1211733990.20160814202656@serebryakov.spb.ru> MIME-Version: 1.0 Content-Type: multipart/signed; protocol="application/pgp-signature"; micalg="pgp-sha512"; boundary="----------0A413F0272AB195CE" X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 14 Aug 2016 17:44:17 -0000 ------------0A413F0272AB195CE Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: base64 SGVsbG8gTGV2LA0KDQpTdW5kYXksIEF1Z3VzdCAxNCwgMjAxNiwgODoyNzowMiBQTSwgeW91 IHdyb3RlOg0KDQogV2hlbiBhdXRvLW51bWJlcmluZyBpcyB1c2VkLCBhbGwgcnVsZXMgd2l0 aCBhbnkga2VlcC1zdGF0ZS9jaGVjay1zdGF0ZSBvcg0KdGFibGUgb3Bjb2RlcyBpcyBwcmlu dGVkIG91dCBhcyBudW1iZXIgMDAwMDAgb24gYWRkaXRpb24sIGxpa2UgdGhpczoNCg0KYWRk IDExMDAwIGFsbG93ICAgIGRzdC1pcCBNQ0FTVCAgICAgICAgICAgICAgICAgIC8vIEFsbG93 IGluY29taW5nIG11bHRpY2FzdA0KYWRkICAgICAgIGRlbnkgbm90IGRzdC1pcCBTS1lORVRf SVAgICAgICAgICAgICAgIC8vIEJlZm9yZSBOQVQgaXQgc2hvdWxkIGJlIHRvIHRoaXMgc3Bl Y2lmaWMgbWUhIA0KYWRkICAgICAgIGRlbnkgICAgIHNyYy1pcCB0YWJsZShpbnRpcDQpICAg ICAgICAgIC8vIEFuZCBpdCBzaG91bGQgYmUgbm90IGZyb20gc3RyYW5nZSBhZGRyZXNzZXMg DQphZGQgICAgICAgZGVueSAgICAgc3JjLWlwIHRhYmxlKGJhbnMpICAgICAgICAgICAgLy8g QW5kIGl0IHNob3VsZCBub3QgYmUgYmFubmVkDQphZGQgICAgICAgYWxsb3cgICAgc3JjLWlw IEhFX0lQVjRfVFVOIHByb3RvIGlwdjYgLy8gSVB2NiB0dW5uZWxpbmcgdGhyb3VnaCB0aGlz IGludGVyZmFjZSANCmFkZCAgICAgICBuYXQgU0tZTkVUX05BVCAgICAgICAgICAgICAgICAg ICAgICAgICAvLyBEZS1OQVQNCmFkZCAgICAgICBjaGVjay1zdGF0ZSAgICAgICAgICAgICAg ICAgICAgICAgICAgICAvLyBNYWtlIHRoaW5ncyBmYXN0ZXINCmFkZCAgICAgICBza2lwdG8g MzAwMDAgICAgICAgICAgICAgICAgICAgICAgICAgICAvLyBBbGxvd2VkIGxvY2FsIHNlcnZp Y2VzIC0gY29tbW9uIGJsb2NrDQphZGQgICAgICAgZGVueSAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgLy8gU2FmZWd1YXJkDQoNCg0KMTEwMDAgYWxsb3cgaXAgZnJvbSBh bnkgdG8gYW55IGRzdC1pcCAyMjQuMC4wLjAvNCAvLyBBbGxvdyBpbmNvbWluZyBtdWx0aWNh c3QNCjExMDEwIGRlbnkgaXAgZnJvbSBhbnkgdG8gYW55IG5vdCBkc3QtaXAgOTQuMTkuMjM1 LjcwIC8vIEJlZm9yZSBOQVQgaXQgc2hvdWxkIGJlIHRvIHRoaXMgc3BlY2lmaWMgbWUhDQow MDAwMCBkZW55IGlwIGZyb20gYW55IHRvIGFueSBzcmMtaXAgdGFibGUoaW50aXA0KSAvLyBB bmQgaXQgc2hvdWxkIGJlIG5vdCBmcm9tIHN0cmFuZ2UgYWRkcmVzc2VzDQowMDAwMCBkZW55 IGlwIGZyb20gYW55IHRvIGFueSBzcmMtaXAgdGFibGUoYmFucykgLy8gQW5kIGl0IHNob3Vs ZCBub3QgYmUgYmFubmVkDQoxMTA0MCBhbGxvdyBpcCBmcm9tIGFueSB0byBhbnkgc3JjLWlw IDIxNi42Ni44MC4yNiBwcm90byBpcHY2IC8vIElQdjYgdHVubmVsaW5nIHRocm91Z2ggdGhp cyBpbnRlcmZhY2UNCjExMDUwIG5hdCAxIGlwIGZyb20gYW55IHRvIGFueSAvLyBEZS1OQVQN CkxpbmUgMTMzOiBBbWJpZ3VvdXMgc3RhdGUgbmFtZSAnLy8nLCAnZGVmYXVsdCcgdXNlZCBp bnN0ZWFkLg0KOiBObyBlcnJvcjogMA0KMDAwMDAgY2hlY2stc3RhdGUgZGVmYXVsdA0KMTEw NzAgc2tpcHRvIDMwMDAwIGlwIGZyb20gYW55IHRvIGFueSAvLyBBbGxvd2VkIGxvY2FsIHNl cnZpY2VzIC0gY29tbW9uIGJsb2NrDQoxMTA4MCBkZW55IGlwIGZyb20gYW55IHRvIGFueSAv LyBTYWZlZ3VhcmQNCg0KIFRoZXksIHJlYWxseSwgZ290IHByb3BlciBudW1iZXJzLCBidXQg ImlwZnciIG91dHB1dCBsb29rcyBzdHJhbmdlLg0KDQotLSANCkJlc3QgcmVnYXJkcywNCiBM ZXYgICAgICAgICAgICAgICAgICAgICAgICAgICAgbWFpbHRvOmxldkBGcmVlQlNELm9yZw== ------------0A413F0272AB195CE Content-Type: application/pgp-signature -----BEGIN PGP MESSAGE----- Version: GnuPG v2.0.22 (MingW32) iQJ8BAEBCgBmBQJXsK3yXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRGOTZEMUNBMEI1RjQzMThCNjc0QjMzMEFF QUIwM0M1OEJGREM0NzhGAAoJEOqwPFi/3EePwPUP/AkNnfIASQfn6JRY74kEH6WB 2aWDxzmrh7vu70HGPYkoR3GdUh6Q6Mn87Qbl2Rlw7xw7MPzE8k1ZNNnFVy3ww1KC h00pK0FEwEgUjE5CopvinNU+xaA1ma5Cky0EP63XI5qMfOCUhc+3b0R+i6vOMRFc NymGMFhnaZE8xTGXmQv/FQeUvsZgmdVTGEk51O8U6FasN7hb5j5apl18ExQfKhIV olsqQdU912GUGt8g7WVMTEfqVMgSdhF7V7ouaiI8w/rwSD6W4wkN9ohHbycL/+ON rOcfKI61wz9Bl0sZF8IfUKNDHDTqhfGjdbpStFwJluW78kmWjWhAZPvUnDt8D2Z+ 6TbQPZhS7qJ9MlwxD8KBcWiFXkUNUOPga6pLynon7UNzGCkR4iv4tLqY/omNvQjf X1TYwSEQeWd0tmI3rNBicIvj3xc+daTD/7Pk6oYmW1i2BNbFtBOO69OHHXTr+24t afpkJvXamM+8f5nvLyjjExMi+Quj2EkN5Kt0+aYjWu6mqvTr/NYqgrooLvDrD0Mp woay2Zk0UmL6waH7kV4EXiZ5Bb1TMPMHv0WOpqYdFbEj7WM4WcoSVM3SDyYLT1UI s1EIM1Yv3TtvyrQkYnL2LsbO5T10DhBgWms2dGoACSDXrV1yyKH84FddCmwycrej gEQJt+qtBot7vyC60oDe =Q/WW -----END PGP MESSAGE----- ------------0A413F0272AB195CE-- From owner-freebsd-ipfw@freebsd.org Sun Aug 14 18:02:54 2016 Return-Path: Delivered-To: freebsd-ipfw@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 74460BBAE55 for ; Sun, 14 Aug 2016 18:02:54 +0000 (UTC) (envelope-from ae@FreeBSD.org) Received: from mx2.freebsd.org (mx2.freebsd.org [8.8.178.116]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mx2.freebsd.org", Issuer "Gandi Standard SSL CA 2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 5DC24152F; Sun, 14 Aug 2016 18:02:54 +0000 (UTC) (envelope-from ae@FreeBSD.org) Received: from butcher-nb.yandex.net (freefall.freebsd.org [IPv6:2001:1900:2254:206c::16:87]) by mx2.freebsd.org (Postfix) with ESMTP id 5AB551B43; Sun, 14 Aug 2016 18:02:53 +0000 (UTC) (envelope-from ae@FreeBSD.org) Subject: Re: Named states in ipfw (and old rulesets) To: Lev Serebryakov , freebsd-ipfw@freebsd.org References: <1812167147.20160814202008@serebryakov.spb.ru> <1211733990.20160814202656@serebryakov.spb.ru> From: "Andrey V. Elsukov" Message-ID: <2126139e-9c11-a55c-7573-8b4d3869bf87@FreeBSD.org> Date: Sun, 14 Aug 2016 21:01:15 +0300 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:45.0) Gecko/20100101 Thunderbird/45.2.0 MIME-Version: 1.0 In-Reply-To: <1211733990.20160814202656@serebryakov.spb.ru> Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="efGJq4UEMSEae54b3VHGrxT7uq0RFS86T" X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 14 Aug 2016 18:02:54 -0000 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --efGJq4UEMSEae54b3VHGrxT7uq0RFS86T Content-Type: multipart/mixed; boundary="EVdo9BOmeiT4XHovXTuHXXDJDxjQD9mHQ" From: "Andrey V. Elsukov" To: Lev Serebryakov , freebsd-ipfw@freebsd.org Message-ID: <2126139e-9c11-a55c-7573-8b4d3869bf87@FreeBSD.org> Subject: Re: Named states in ipfw (and old rulesets) References: <1812167147.20160814202008@serebryakov.spb.ru> <1211733990.20160814202656@serebryakov.spb.ru> In-Reply-To: <1211733990.20160814202656@serebryakov.spb.ru> --EVdo9BOmeiT4XHovXTuHXXDJDxjQD9mHQ Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: quoted-printable On 14.08.16 20:27, Lev Serebryakov wrote: > But looks like, that comment is lost here, here is output of "ipfw show= " > after boot: >=20 > 13050 0 0 nat 2 ip from any to any // De-NAT > 13060 0 0 check-state default > 13070 0 0 skipto 30000 ip from any to any // Allowed local se= rvices - common block >=20 > So, yes, comment is lost! It looks it never worked due to "goto done" in the code. --=20 WBR, Andrey V. Elsukov --EVdo9BOmeiT4XHovXTuHXXDJDxjQD9mHQ-- --efGJq4UEMSEae54b3VHGrxT7uq0RFS86T Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQEsBAEBCAAWBQJXsLHsDxxhZUBmcmVlYnNkLm9yZwAKCRABxeoEEMiheu73B/9a IrhESesP7sazyVD+4/H9jpArIYFbZCv04QzXLcmaiMmsuiSzwDnFOF2O0LfkmYUW cJAL3jul9pfqxNi3hFIxykmhKOz8UDkq64YwjzlJPwl/lw+s+/hDZF6Pok3634+U LpTJIpxSlIZdS6H/d8LpnXIGSZ3+nKbVL/OGSgrOih6yQmKRBy5FmeRt9YM/Obon d0YLf17M0FonSFS9J+42cnCMfSBBmaGazFEWd9z/PdqDj2SEOsyKW8hDbthy6Aaj PAT6VdzXwt/M9VT+Ii2BxIUJeGH5N0GkKsrjxSz3yuxt/41YL04a7Vnf+DGa+dBH CieUtp2P4ctpQ07g2/fG =Rt6U -----END PGP SIGNATURE----- --efGJq4UEMSEae54b3VHGrxT7uq0RFS86T-- From owner-freebsd-ipfw@freebsd.org Sun Aug 14 22:07:01 2016 Return-Path: Delivered-To: freebsd-ipfw@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 228FABBA5A4 for ; Sun, 14 Aug 2016 22:07:01 +0000 (UTC) (envelope-from lev@FreeBSD.org) Received: from onlyone.friendlyhosting.spb.ru (onlyone.friendlyhosting.spb.ru [IPv6:2a01:4f8:201:6350::2]) by mx1.freebsd.org (Postfix) with ESMTP id E36DB1F51; Sun, 14 Aug 2016 22:07:00 +0000 (UTC) (envelope-from lev@FreeBSD.org) Received: from lion.home.serebryakov.spb.ru (unknown [IPv6:2001:470:923f:1:e0f4:994:662:862]) (Authenticated sender: lev@serebryakov.spb.ru) by onlyone.friendlyhosting.spb.ru (Postfix) with ESMTPSA id 561E2CDF; Mon, 15 Aug 2016 01:06:58 +0300 (MSK) Date: Mon, 15 Aug 2016 01:07:01 +0300 From: Lev Serebryakov Organization: FreeBSD X-Priority: 3 (Normal) Message-ID: <1906886339.20160815010655@serebryakov.spb.ru> To: "Andrey V. Elsukov" , freebsd-ipfw@freebsd.org Subject: Re: Named states in ipfw (and old rulesets) In-Reply-To: <2126139e-9c11-a55c-7573-8b4d3869bf87@FreeBSD.org> References: <1812167147.20160814202008@serebryakov.spb.ru> <1211733990.20160814202656@serebryakov.spb.ru> <2126139e-9c11-a55c-7573-8b4d3869bf87@FreeBSD.org> MIME-Version: 1.0 Content-Type: multipart/signed; protocol="application/pgp-signature"; micalg="pgp-sha512"; boundary="----------0011CD1A016B346F5" X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 14 Aug 2016 22:07:01 -0000 ------------0011CD1A016B346F5 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: base64 SGVsbG8gQW5kcmV5LA0KDQpTdW5kYXksIEF1Z3VzdCAxNCwgMjAxNiwgOTowMToxNSBQTSwg eW91IHdyb3RlOg0KDQo+PiBhZnRlciBib290Og0KPj4gDQo+PiAxMzA1MCAgICAgMCAgICAg ICAwIG5hdCAyIGlwIGZyb20gYW55IHRvIGFueSAvLyBEZS1OQVQNCj4+IDEzMDYwICAgICAw ICAgICAgIDAgY2hlY2stc3RhdGUgZGVmYXVsdA0KPj4gMTMwNzAgICAgIDAgICAgICAgMCBz a2lwdG8gMzAwMDAgaXAgZnJvbSBhbnkgdG8gYW55IC8vIEFsbG93ZWQgbG9jYWwgc2Vydmlj ZXMgLSBjb21tb24gYmxvY2sNCj4+IA0KPj4gIFNvLCB5ZXMsIGNvbW1lbnQgaXMgbG9zdCEN Cj4gSXQgbG9va3MgaXQgbmV2ZXIgd29ya2VkIGR1ZSB0byAiZ290byBkb25lIiBpbiB0aGUg Y29kZS4NCiBZZXAuLi4gSXQgaXMgbm90IHByb2JsZW0gd2l0aCBuYW1lZCBzdGF0ZXMsIHNv cnJ5IQ0KIEJ1dCwgYW55d2F5LCBhbGwgdGhlc2Ugd2FybmluZ3MgbG9vayB1Z2x5Lg0KDQot LSANCkJlc3QgcmVnYXJkcywNCiBMZXYgICAgICAgICAgICAgICAgICAgICAgICAgICAgbWFp bHRvOmxldkBGcmVlQlNELm9yZw== ------------0011CD1A016B346F5 Content-Type: application/pgp-signature -----BEGIN PGP MESSAGE----- Version: GnuPG v2.0.22 (MingW32) iQJ8BAEBCgBmBQJXsOuFXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRGOTZEMUNBMEI1RjQzMThCNjc0QjMzMEFF QUIwM0M1OEJGREM0NzhGAAoJEOqwPFi/3EePa1cP/00EjSMkovs9nnuDgClMo/T4 40oiHkV9gT21hoU5lNpGda0n+UnazH223TKQ432W9PmVrNqq3qrRoohOxS1hjVrk A7HmWERbREvtQKdf8hzPoxJTeYJHUzc9n83dnrTgSBOd7qF98bjaHjTxi2JS0LbJ Osn98r/+9SFkVeVwl+7BaJuQIeodhpFgbsIUaiNCs7ZWVgsuvvG4iJDTxU9yQ515 LgEEEvxtiaI6S0Gumb9WptPUK0cpZnT6MB6gkfE+7zda15wSYKc7XRzbSBH9awBh 7YSyPO31NttwUlLEj7q8+wpW53LnabKoMp0miqDJtUOD1iBNavLDAmAT1JC8j9+m /Mjz+nFhb7X9yd66QSXhVo+r0yHjuf47xMOJxzNVz7Q6pPHvRNWTqQ+ucFR0ElX9 WPU44l4+Fodiss6baH5Dg+hePjaXCNJfoBtqr0H5GpN2zaF28pkl+IfT7NS/V25X p+fIOzmzMd6WvUs2BYe+7rKZczvbwWxo5prBbeQw+DfiTrgxSziMvzHNMvJIFWjb zOqRxoR7+i7crcPn/tS1rSZ+AhfwSELH7zNMXAUnjOchO/Tcc3yGtkLEzEM/RpfS ++EVRTkIXiLr98fnMirD0Cnr5svubzbeRFduSn7UY7MxI5dbO7FnmAnpk38Ace+U xA90J2woL/4JOiMJ+uoe =Relb -----END PGP MESSAGE----- ------------0011CD1A016B346F5-- From owner-freebsd-ipfw@freebsd.org Sun Aug 14 22:32:48 2016 Return-Path: Delivered-To: freebsd-ipfw@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 8984CBBAB3F for ; Sun, 14 Aug 2016 22:32:48 +0000 (UTC) (envelope-from lev@FreeBSD.org) Received: from onlyone.friendlyhosting.spb.ru (onlyone.friendlyhosting.spb.ru [IPv6:2a01:4f8:201:6350::2]) by mx1.freebsd.org (Postfix) with ESMTP id 50B6A1D9F; Sun, 14 Aug 2016 22:32:48 +0000 (UTC) (envelope-from lev@FreeBSD.org) Received: from lion.home.serebryakov.spb.ru (unknown [IPv6:2001:470:923f:1:e0f4:994:662:862]) (Authenticated sender: lev@serebryakov.spb.ru) by onlyone.friendlyhosting.spb.ru (Postfix) with ESMTPSA id D2115CE8; Mon, 15 Aug 2016 01:32:46 +0300 (MSK) Date: Mon, 15 Aug 2016 01:32:49 +0300 From: Lev Serebryakov Organization: FreeBSD X-Priority: 3 (Normal) Message-ID: <516433114.20160815013243@serebryakov.spb.ru> To: "Andrey V. Elsukov" , freebsd-ipfw@freebsd.org Subject: Re: Named states in ipfw (and old rulesets) In-Reply-To: <2126139e-9c11-a55c-7573-8b4d3869bf87@FreeBSD.org> References: <1812167147.20160814202008@serebryakov.spb.ru> <1211733990.20160814202656@serebryakov.spb.ru> <2126139e-9c11-a55c-7573-8b4d3869bf87@FreeBSD.org> MIME-Version: 1.0 Content-Type: multipart/signed; protocol="application/pgp-signature"; micalg="pgp-sha512"; boundary="----------11D0FB0B501A2034E" X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 14 Aug 2016 22:32:48 -0000 ------------11D0FB0B501A2034E Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: base64 SGVsbG8gQW5kcmV5LA0KDQpTdW5kYXksIEF1Z3VzdCAxNCwgMjAxNiwgOTowMToxNSBQTSwg eW91IHdyb3RlOg0KDQoNCiBJIGhhdmUgdmVyeSBmb3JtYWwgb2JqZWN0aW9uIGFnYWluc3Qg ImFueSB1bmtub3duIHRva2VuIGFmdGVyICotc3RhdGUgaXMNCnN0YXRlIG5hbWUiOiBpdCBo aWRlcyBtaXN0YWtlcyBhbmQgdHlwb3MgdmVyeSB3ZWxsLiBJJ3ZlIGJlZW4gYml0dGVuIGJ5 IHRoaXMNCnJpZ2h0IG5vdy4gTmV3IHBhdGNoIHVzZXMgImRlZmVyLWFjdGlvbiIsIGJ1dCBv bGQgInJlY29yZC1zdGF0ZSBza2lwLWFjdGlvbiINCnBhc3NlcyB3aXRob3V0IGVycm9yLCBi ZWNhdXNlICJza2lwLWFjdGlvbiIgaXMgdmFsaWQgc3RhdGUgbmFtZSENCg0KIFBsZWFzZSwg Y2hhbmdlIHRoaXMgdG8gc29tZSBwcmVmaXggdG8gc3RhdGUgbmFtZSAoOm5hbWUsIEBuYW1l IG9yIHNvbWV0aGluZw0KbGlrZSB0aGlzKSBvciB0byAic3RhdGUtYWN0aW9uKG5hbWUpIiBm b3JtYXQuIEl0IHdpbGwgYmUgbXVjaCBiZXR0ZXI6IGxlc3MNCmVycm9yLXByb25lIGFuZCB3 aWxsIHdvcmsgd2l0aG91dCB1Z2x5IHdhcm5pbmdzIG9uIG9sZCBydWxlc2V0cy4NCg0KDQot LSANCkJlc3QgcmVnYXJkcywNCiBMZXYgICAgICAgICAgICAgICAgICAgICAgICAgICAgbWFp bHRvOmxldkBGcmVlQlNELm9yZw== ------------11D0FB0B501A2034E Content-Type: application/pgp-signature -----BEGIN PGP MESSAGE----- Version: GnuPG v2.0.22 (MingW32) iQJ8BAEBCgBmBQJXsPGRXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRGOTZEMUNBMEI1RjQzMThCNjc0QjMzMEFF QUIwM0M1OEJGREM0NzhGAAoJEOqwPFi/3EePsl4QAK3T81Fs87tzrpbwxW+PRE4o CV7ZYYIiAiSNFfPdGiHNTXJnVWt6PsxFTVEshe1nxp/9W5SsvKge4XbtTr3H0hXw Va+xqnUrCrgOpA439HzaF4iM7PivqIujKUiQIX5oub7s2M+MtC1kWfa98TPSxH3N Wu3DFy8kre2g06gl2pKNXHYOIbDoJUH/7Z0lMVJhYCJZPRxpXzJZep1EILYTGPES Rgv4XCA12JNkjWld42VgCHLla2tbiyiNW3PRtIr4T56lAGB37neQtHHA+YI/UJV1 McNBBcGwuNf/c+DguQzWnkEGfLXp32CmUY3DiJ1yY4X5GDHwMmoPS7pSNiegoyXI 7B6r1pyJnoF61nSK+uvtSG4ZO8tFdz9VsbzFdCiaEJKz5NOabD5tVUI9BifM/S+X 3aFllxgV4450cy0ZEPdDpoxnFhyb+VVZEwzz8txuXEz293fIAy4TeSOg7aUHP3IL iCnQIaps9kOxIkmZKJdtLEI+QbQwIsfKg1Loi+kE2PG+rHs+JUrvlaDKFLgj/OlV /OWML7rII6hYZ5+4IM/zGPOnx5OdJsZJCMeFK+JDKQEh7Dyoygo48j0mBGgQmAGK Nscjjy/erVpeK4O9y3c7nlw88KWqwE/sNWco/Ea6gWLGrV+uYuVFks1oh4QKNXoF 4ccMLG1b1CSm9M/Wp66t =+tjG -----END PGP MESSAGE----- ------------11D0FB0B501A2034E-- From owner-freebsd-ipfw@freebsd.org Sun Aug 14 23:28:19 2016 Return-Path: Delivered-To: freebsd-ipfw@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 4E4BABB9424 for ; Sun, 14 Aug 2016 23:28:19 +0000 (UTC) (envelope-from lev@FreeBSD.org) Received: from onlyone.friendlyhosting.spb.ru (onlyone.friendlyhosting.spb.ru [148.251.9.81]) by mx1.freebsd.org (Postfix) with ESMTP id 08EC8143E; Sun, 14 Aug 2016 23:28:19 +0000 (UTC) (envelope-from lev@FreeBSD.org) Received: from lion.home.serebryakov.spb.ru (unknown [IPv6:2001:470:923f:1:e0f4:994:662:862]) (Authenticated sender: lev@serebryakov.spb.ru) by onlyone.friendlyhosting.spb.ru (Postfix) with ESMTPSA id BD5D7CF4; Mon, 15 Aug 2016 02:28:16 +0300 (MSK) Date: Mon, 15 Aug 2016 02:28:19 +0300 From: Lev Serebryakov Organization: FreeBSD X-Priority: 3 (Normal) Message-ID: <1174736256.20160815022812@serebryakov.spb.ru> To: "Andrey V. Elsukov" , freebsd-ipfw@freebsd.org Subject: Re: Named states in ipfw (and old rulesets) In-Reply-To: <516433114.20160815013243@serebryakov.spb.ru> References: <1812167147.20160814202008@serebryakov.spb.ru> <1211733990.20160814202656@serebryakov.spb.ru> <2126139e-9c11-a55c-7573-8b4d3869bf87@FreeBSD.org> <516433114.20160815013243@serebryakov.spb.ru> MIME-Version: 1.0 Content-Type: multipart/signed; protocol="application/pgp-signature"; micalg="pgp-sha512"; boundary="----------0AB1CA0A603C6AF5E" X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 14 Aug 2016 23:28:19 -0000 ------------0AB1CA0A603C6AF5E Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: base64 SGVsbG8gTGV2LA0KDQpNb25kYXksIEF1Z3VzdCAxNSwgMjAxNiwgMTozMjo0OSBBTSwgeW91 IHdyb3RlOg0KDQo+ICBQbGVhc2UsIGNoYW5nZSB0aGlzIHRvIHNvbWUgcHJlZml4IHRvIHN0 YXRlIG5hbWUgKDpuYW1lLCBAbmFtZSBvciBzb21ldGhpbmcNCj4gbGlrZSB0aGlzKSBvciB0 byAic3RhdGUtYWN0aW9uKG5hbWUpIiBmb3JtYXQuIEl0IHdpbGwgYmUgbXVjaCBiZXR0ZXI6 IGxlc3MNCj4gZXJyb3ItcHJvbmUgYW5kIHdpbGwgd29yayB3aXRob3V0IHVnbHkgd2Fybmlu Z3Mgb24gb2xkIHJ1bGVzZXRzLg0KIE9yLCBtYXliZSwgc3RhdGUgbmFtZXMgc2hvdWxkIGJl IHByZS1kZWNsYXJlZCAoZXhjZXB0ICJkZWZhdWx0IiksIGFzDQogdGFibGUncyBvbmVzIGRv ZXMuIExpa2UNCg0KIGlwZncgZmxvdyBjcmVhdGUgbXktbmFtZQ0KIGlwZncgYWRkIGFsbG93 IGlwIGZyb20gYW4gdG8gYW55IGtlZXAtc3RhdGUgbXktbmFtZQ0KDQogVGhpcyB3aWxsIGJl IHNvbWV3aGF0IGJ1bGxldC1wcm9vZiENCg0KLS0gDQpCZXN0IHJlZ2FyZHMsDQogTGV2ICAg ICAgICAgICAgICAgICAgICAgICAgICAgIG1haWx0bzpsZXZARnJlZUJTRC5vcmc= ------------0AB1CA0A603C6AF5E Content-Type: application/pgp-signature -----BEGIN PGP MESSAGE----- Version: GnuPG v2.0.22 (MingW32) iQJ8BAEBCgBmBQJXsP6TXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRGOTZEMUNBMEI1RjQzMThCNjc0QjMzMEFF QUIwM0M1OEJGREM0NzhGAAoJEOqwPFi/3EePDjAP/AgixsYeN2Cwjv1/ASA3EELm cQ7gVASleEguJRSIlJolSGZmLWHVZiOLngPat+E3f8FNNjmdLkvo3pZgBluf2BIX Z2ek+dDsMlP5WTtxntQTopYltgnfxM4u4ibC7yOKLBbKv5e1S/G/ck34b+S9ZGGX ZM+4UyUadIzJSpK/CcxNdMYbXbVJ9SSNKbX8/dXnqwNdZp3+/GF5mB4u1I1mChxA cHOVZJgQtNmp2FBmzlbFCYH0o2GVxxwlxRgGxFkgMFcpamyUe7T8FRvwTNszO0xV GtELZGVadX6wLI0BdJ4uqkbZKoxgdBX4tpsaepvsPTMnUTCxnc/YAei1ErMtoCZX aBTLXtQ1V5TNuTzEhQwxp5z0wkmUjxqR5IbF4y+ARBzHn65WjFi9cK9QpAuOAnf3 6K3E6luVWfH2IOLOijtEgaBpDwl42y28fYpHlcfsRPnUFw/xFXPo9w+CZgp04MqY rQE0Kth1dPmjMEkI9eIASwRVwg4fHOh+og3mG+G68i5SX7l7hvfstagBjgKQkkB2 ZekXB69g0LEz0CosbkzXxlIzou+d/ZORIMojKd0izsLuMTHvNW1qRdAD+xDO6dnC BZquisu3hrtW0j92/hTlKmD0y7fPfdoip+KCtpeN3+uR9nybZcpIA3kdKe0RSLfb fMLqJMgV8cIYUa5B2Pmz =2trx -----END PGP MESSAGE----- ------------0AB1CA0A603C6AF5E-- From owner-freebsd-ipfw@freebsd.org Mon Aug 15 06:11:44 2016 Return-Path: Delivered-To: freebsd-ipfw@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 440E4BBADC4 for ; Mon, 15 Aug 2016 06:11:44 +0000 (UTC) (envelope-from smithi@nimnet.asn.au) Received: from sola.nimnet.asn.au (paqi.nimnet.asn.au [115.70.110.159]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 9A00E1676; Mon, 15 Aug 2016 06:11:42 +0000 (UTC) (envelope-from smithi@nimnet.asn.au) Received: from localhost (localhost [127.0.0.1]) by sola.nimnet.asn.au (8.14.2/8.14.2) with ESMTP id u7F6BVbr031361; Mon, 15 Aug 2016 16:11:32 +1000 (EST) (envelope-from smithi@nimnet.asn.au) Date: Mon, 15 Aug 2016 16:11:31 +1000 (EST) From: Ian Smith To: Lev Serebryakov cc: "Andrey V. Elsukov" , freebsd-ipfw@freebsd.org Subject: Re: Named states in ipfw (and old rulesets) In-Reply-To: <1174736256.20160815022812@serebryakov.spb.ru> Message-ID: <20160815154037.P79687@sola.nimnet.asn.au> References: <1812167147.20160814202008@serebryakov.spb.ru> <1211733990.20160814202656@serebryakov.spb.ru> <2126139e-9c11-a55c-7573-8b4d3869bf87@FreeBSD.org> <516433114.20160815013243@serebryakov.spb.ru> <1174736256.20160815022812@serebryakov.spb.ru> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 15 Aug 2016 06:11:44 -0000 On Mon, 15 Aug 2016 02:20:19 +0300, Lev Serebryakov wrote: > > Please, change this to some prefix to state name (:name, @name or something > > like this) or to "state-action(name)" format. It will be much better: less > > error-prone and will work without ugly warnings on old rulesets. I like the idea of something like :name, @name or perhaps =name ? as a distinct state name identifier. (name) seems like overkill, especially since it requires escaping on the command line as \(name\), and while of course such escaping is required now to identify table names, we don't need anything that might tend to confuse table names with state names. > Or, maybe, state names should be pre-declared (except "default"), as > table's ones does. Like > > ipfw flow create my-name > ipfw add allow ip from an to any keep-state my-name I really hope that's not necessary; the assumption of 'default' name for existing rulesets is good, and requiring pre-declaration of state names - except default - would be less .. orthogonal :) and not necessary. One thing I wondered about earlier but didn't ask is that the order of options is generally not relevant, so for example the commonly used: ipfw add skipto $somewhere tcp from $a to $b setup keep-state would currently be equally valid as: ipfw add skipto $somewhere tcp from $a to $b keep-state setup with possibly other options following? And while 'setup' should be recognised as an existing keyword, not a state name - as will '//' when that's fixed I guess? - still I wondered whether the keyword 'setup' would get "pushed back" for later parsing? > This will be somewhat bullet-proof! I think existing rulesets working out of the box is vital too; the last thing needed on managed remote boxes is firewall breakage on upgrading. cheers, Ian From owner-freebsd-ipfw@freebsd.org Mon Aug 15 09:32:20 2016 Return-Path: Delivered-To: freebsd-ipfw@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id BAC4CBBA1E2 for ; Mon, 15 Aug 2016 09:32:20 +0000 (UTC) (envelope-from lev@FreeBSD.org) Received: from onlyone.friendlyhosting.spb.ru (onlyone.friendlyhosting.spb.ru [148.251.9.81]) by mx1.freebsd.org (Postfix) with ESMTP id 4BF25142B; Mon, 15 Aug 2016 09:32:20 +0000 (UTC) (envelope-from lev@FreeBSD.org) Received: from [IPv6:2001:470:923f:2:1d49:5500:6272:5160] (unknown [IPv6:2001:470:923f:2:1d49:5500:6272:5160]) (Authenticated sender: lev@serebryakov.spb.ru) by onlyone.friendlyhosting.spb.ru (Postfix) with ESMTPSA id 7BCB5D5A; Mon, 15 Aug 2016 12:32:18 +0300 (MSK) Reply-To: lev@FreeBSD.org Subject: Re: Named states in ipfw (and old rulesets) References: <1812167147.20160814202008@serebryakov.spb.ru> <1211733990.20160814202656@serebryakov.spb.ru> <2126139e-9c11-a55c-7573-8b4d3869bf87@FreeBSD.org> <516433114.20160815013243@serebryakov.spb.ru> <1174736256.20160815022812@serebryakov.spb.ru> <20160815154037.P79687@sola.nimnet.asn.au> To: Ian Smith Cc: "Andrey V. Elsukov" , freebsd-ipfw@freebsd.org From: Lev Serebryakov Organization: FreeBSD Message-ID: <57B18C1C.1000807@FreeBSD.org> Date: Mon, 15 Aug 2016 12:32:12 +0300 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:38.0) Gecko/20100101 Thunderbird/38.5.0 MIME-Version: 1.0 In-Reply-To: <20160815154037.P79687@sola.nimnet.asn.au> Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="gR8E3xoahAtW7GwAQ7NBsd55qkI45sMtj" X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 15 Aug 2016 09:32:20 -0000 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --gR8E3xoahAtW7GwAQ7NBsd55qkI45sMtj Content-Type: multipart/mixed; boundary="FwrKoVTVP8qFXDVql4h3BXDDDhbSP0Bk2" From: Lev Serebryakov Reply-To: lev@FreeBSD.org To: Ian Smith Cc: "Andrey V. Elsukov" , freebsd-ipfw@freebsd.org Message-ID: <57B18C1C.1000807@FreeBSD.org> Subject: Re: Named states in ipfw (and old rulesets) References: <1812167147.20160814202008@serebryakov.spb.ru> <1211733990.20160814202656@serebryakov.spb.ru> <2126139e-9c11-a55c-7573-8b4d3869bf87@FreeBSD.org> <516433114.20160815013243@serebryakov.spb.ru> <1174736256.20160815022812@serebryakov.spb.ru> <20160815154037.P79687@sola.nimnet.asn.au> In-Reply-To: <20160815154037.P79687@sola.nimnet.asn.au> --FwrKoVTVP8qFXDVql4h3BXDDDhbSP0Bk2 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable On 15.08.2016 9:11, Ian Smith wrote: > One thing I wondered about earlier but didn't ask is that the order of = > options is generally not relevant, so for example the commonly used: >=20 > ipfw add skipto $somewhere tcp from $a to $b setup keep-state >=20 > would currently be equally valid as: >=20 > ipfw add skipto $somewhere tcp from $a to $b keep-state setup >=20 > with possibly other options following? Both work now on -CURRENT as expected , but second one will show you two-line warning, that state name was changed to "default". > I think existing rulesets working out of the box is vital too; the last= =20 > thing needed on managed remote boxes is firewall breakage on upgrading.= Existing rulesets are not broken, but could give you non-intuitive warnings now :) --=20 // Lev Serebryakov AKA Black Lion --FwrKoVTVP8qFXDVql4h3BXDDDhbSP0Bk2-- --gR8E3xoahAtW7GwAQ7NBsd55qkI45sMtj Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (MingW32) iQJ8BAEBCgBmBQJXsYwpXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRGOTZEMUNBMEI1RjQzMThCNjc0QjMzMEFF QUIwM0M1OEJGREM0NzhGAAoJEOqwPFi/3EePxJoP/Ayb8rFihYXbK5NXfqyrFLnH FUps37DcYkjv9kmQd1eY+r2R6MHLjWW1pSS7pgrb+VPtFUFC2ZWhpznuq9Iqo3n7 DZbu+/Gl5akeY0uGVm02hlu5IyHn9Jy5+hFikbyMMTvtVhXy+DaG2I4oz/V0KcAf bYlURujK4LIWjwzNrPG6s8YOWPQyRZUBuf3ourkTF15sOtNtpmwDLSVrtyS9IcS6 kj9YmKQwuntKvJ2Qka5ylDtvHfMtWkhb2OtRVcu24a3G2RwbwYgAVQZtJsvj6DXa D0ZrwzmVcxGTf2KsC9hIjh48wuk5sohhVeOJDUQnjAogzxLKVG+5JufoRtsUrz1e Fl+GPkOgOpN3lvrrk/puFwlN9EXgB032UNp+iyVc9o8kgT2oiuGEk8RG65K1joNe S6OpZhXvWfk/uxYc35iyUDi32QXmoeSnb/k3cHg99rNfGAWrFFcvH92wJE9nx4oS 7vfJL37sZlfKGNJ1faD+hcpy9uPQRQCK8bC9rKiMk7i+0/prdPiZnvuOEYDiWenU oqcAahr+eCRqncE+gEsSA3QwQg5Ibt3X+MG0orGfhjjkPhZtnQrqnA7Mjs2eD+Ei bBRscnwL8hcpKCunnzj0tmiJJLy5rlsVfrhEMgQjzXkfZUDg/LdVsH3NeYg+6zNT +1Cwm6QZQy3f/9hJnFvP =edDL -----END PGP SIGNATURE----- --gR8E3xoahAtW7GwAQ7NBsd55qkI45sMtj-- From owner-freebsd-ipfw@freebsd.org Mon Aug 15 22:11:59 2016 Return-Path: Delivered-To: freebsd-ipfw@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 0E448BB9045 for ; Mon, 15 Aug 2016 22:11:59 +0000 (UTC) (envelope-from rj@obsigna.com) Received: from mo6-p00-ob.smtp.rzone.de (mo6-p00-ob.smtp.rzone.de [IPv6:2a01:238:20a:202:5300::2]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "*.smtp.rzone.de", Issuer "TeleSec ServerPass DE-2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id A1DCA17E6 for ; Mon, 15 Aug 2016 22:11:58 +0000 (UTC) (envelope-from rj@obsigna.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; t=1471299115; l=972; s=domk; d=obsigna.com; h=To:References:Content-Transfer-Encoding:Date:In-Reply-To:From: Subject:Mime-Version:Content-Type; bh=QrKzx5xA+FdVdc16YLGkMFKJta7W8Av8t9j70lsMYxs=; b=FrsYkLRqDjGAweVBTcooJuWojusE1PQcpFJD8dKuoRWXnG3TdkNCpOrxWVrfLA0e7yz zjMeThAX/cP4sG8iUsQmjb73tw87BpSTtwkhGalojmZ9/Qd5L9vR3sp2A46SivGVAhiJf dieYYT0ntRX0SJUZZLDL7Gk1Je7kUBl3b1w= X-RZG-AUTH: :O2kGeEG7b/pS1EK7WHa0hxqKZr4lnx6UhToX1IWHkW4X7v2ImaU2B+3KSGnPFnK+130WqUsw X-RZG-CLASS-ID: mo00 Received: from mail.obsigna.com (bfb6bd8b.virtua.com.br [191.182.189.139]) by smtp.strato.de (RZmta 38.13 DYNA|AUTH) with ESMTPSA id z046a4s7FMBsMPt (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (curve secp521r1 with 521 ECDH bits, eq. 15360 bits RSA)) (Client did not present a certificate) for ; Tue, 16 Aug 2016 00:11:54 +0200 (CEST) Received: from rolf.projectworld.net (rolf.projectworld.net [192.168.222.25]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.obsigna.com (Postfix) with ESMTPSA id 421CB229861E for ; Mon, 15 Aug 2016 19:11:51 -0300 (BRT) Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (Mac OS X Mail 9.3 \(3124\)) Subject: Re: Notice on upcoming ipdbtools 1.1.1 From: "Dr. Rolf Jansen" In-Reply-To: Date: Mon, 15 Aug 2016 19:11:50 -0300 Content-Transfer-Encoding: quoted-printable Message-Id: <6D75E4CF-223F-4BAD-BC16-F102B5C6E275@obsigna.com> References: To: freebsd-ipfw@freebsd.org X-Mailer: Apple Mail (2.3124) X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 15 Aug 2016 22:11:59 -0000 > Am 14.08.2016 um 12:15 schrieb Dr. Rolf Jansen : >=20 > As was noticed by the port maintainer, the initial release of = ipdbtools 1.1.0 into the ports did not compile on i386 systems because = the lack of the __uint128_t data type on 32bit systems, and which was = used for IPv6 computing. >=20 > In the meantime, I rolled in the necessary uint128 comparison, shift = and basic arithmetic operations that provide the missing built-in = __uint128_t operations on 32bit systems. The 64bit targets x86-64 and = arm64 continue to utilize the built-in operations. >=20 > The changes are ready on GitHub, and I will submit a changed port PR = on Monday (tomorrow) night, most of the post-mortem fixes since the = initial release are included -- I won't rename the tool 'ipup', though. I just submitted the PR for updating the port of ipdbtools to v1.1.1. https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D211881 Best regards Rolf= From owner-freebsd-ipfw@freebsd.org Thu Aug 18 06:53:57 2016 Return-Path: Delivered-To: freebsd-ipfw@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 3010BBBD739 for ; Thu, 18 Aug 2016 06:53:57 +0000 (UTC) (envelope-from julian@freebsd.org) Received: from vps1.elischer.org (vps1.elischer.org [204.109.63.16]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "vps1.elischer.org", Issuer "CA Cert Signing Authority" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 0783B17F2 for ; Thu, 18 Aug 2016 06:53:56 +0000 (UTC) (envelope-from julian@freebsd.org) Received: from Julian-MBP3.local (ppp121-45-226-8.lns20.per1.internode.on.net [121.45.226.8]) (authenticated bits=0) by vps1.elischer.org (8.15.2/8.15.2) with ESMTPSA id u7I6rqx8000894 (version=TLSv1.2 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO) for ; Wed, 17 Aug 2016 23:53:55 -0700 (PDT) (envelope-from julian@freebsd.org) Subject: Re: Notice on upcoming ipdbtools 1.1.1 To: freebsd-ipfw@freebsd.org References: <6D75E4CF-223F-4BAD-BC16-F102B5C6E275@obsigna.com> From: Julian Elischer Message-ID: <8d8b0b94-bca4-587d-e370-3d3a188dbe30@freebsd.org> Date: Thu, 18 Aug 2016 14:53:47 +0800 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:45.0) Gecko/20100101 Thunderbird/45.2.0 MIME-Version: 1.0 In-Reply-To: <6D75E4CF-223F-4BAD-BC16-F102B5C6E275@obsigna.com> Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 18 Aug 2016 06:53:57 -0000 On 16/08/2016 6:11 AM, Dr. Rolf Jansen wrote: >> Am 14.08.2016 um 12:15 schrieb Dr. Rolf Jansen : >> >> As was noticed by the port maintainer, the initial release of ipdbtools 1.1.0 into the ports did not compile on i386 systems because the lack of the __uint128_t data type on 32bit systems, and which was used for IPv6 computing. >> >> In the meantime, I rolled in the necessary uint128 comparison, shift and basic arithmetic operations that provide the missing built-in __uint128_t operations on 32bit systems. The 64bit targets x86-64 and arm64 continue to utilize the built-in operations. >> >> The changes are ready on GitHub, and I will submit a changed port PR on Monday (tomorrow) night, most of the post-mortem fixes since the initial release are included -- I won't rename the tool 'ipup', though. > I just submitted the PR for updating the port of ipdbtools to v1.1.1. great, when it happens I will try some analytics to see where my traffic is coming from.. (my gateway is i386) > > https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=211881 > > Best regards > > Rolf > _______________________________________________ > freebsd-ipfw@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-ipfw > To unsubscribe, send any mail to "freebsd-ipfw-unsubscribe@freebsd.org" >