From owner-freebsd-rc@FreeBSD.ORG Sun Nov 5 18:50:20 2006 Return-Path: X-Original-To: rc@FreeBSD.org Delivered-To: freebsd-rc@FreeBSD.ORG Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3FA5916A40F for ; Sun, 5 Nov 2006 18:50:20 +0000 (UTC) (envelope-from ceri@submonkey.net) Received: from shrike.submonkey.net (cpc2-cdif2-0-0-cust107.cdif.cable.ntl.com [81.104.168.108]) by mx1.FreeBSD.org (Postfix) with ESMTP id AF77643D5F for ; Sun, 5 Nov 2006 18:50:19 +0000 (GMT) (envelope-from ceri@submonkey.net) Received: from ceri by shrike.submonkey.net with local (Exim 4.63 (FreeBSD)) (envelope-from ) id 1Ggn4U-000E5F-Eb for rc@FreeBSD.org; Sun, 05 Nov 2006 18:50:18 +0000 Date: Sun, 5 Nov 2006 18:50:18 +0000 From: Ceri Davies To: rc@FreeBSD.org Message-ID: <20061105185018.GG36592@submonkey.net> Mail-Followup-To: Ceri Davies , rc@FreeBSD.org MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="4D0iojmU0rbTyz/6" Content-Disposition: inline X-PGP: finger ceri@FreeBSD.org User-Agent: Mutt/1.5.13 (2006-08-11) Sender: Ceri Davies Cc: Subject: IPfilter rulesets X-BeenThere: freebsd-rc@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion related to /etc/rc.d design and implementation." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 05 Nov 2006 18:50:20 -0000 --4D0iojmU0rbTyz/6 Content-Type: multipart/mixed; boundary="pS0IeWLqOQV1qy0L" Content-Disposition: inline --pS0IeWLqOQV1qy0L Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable The attached patch is a re-expression of a patch in PR 97311, which tests that the load of rules into IP Filter's alternate ruleset was successful before trying to overwrite the active ruleset. Would anyone here object if I committed it? Cheers, Ceri --=20 That must be wonderful! I don't understand it at all. -- Moliere --pS0IeWLqOQV1qy0L Content-Type: text/plain; charset=us-ascii Content-Disposition: attachment; filename="97311.diff" Content-Transfer-Encoding: quoted-printable Index: ipfilter =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /usr/home/ncvs/src/etc/rc.d/ipfilter,v retrieving revision 1.24 diff -u -r1.24 ipfilter --- ipfilter 7 Jul 2005 05:59:44 -0000 1.24 +++ ipfilter 4 Nov 2006 13:09:15 -0000 @@ -93,11 +93,17 @@ if [ -r "${ipfilter_rules}" ]; then ${ipfilter_program:-/sbin/ipf} -I \ -f "${ipfilter_rules}" ${ipfilter_flags} + if [ $? -ne 0 ]; then + err 1 'Load of rules into alternate set failed; aborting reload' + fi fi ${ipfilter_program:-/sbin/ipf} -I -6 -Fa if [ -r "${ipv6_ipfilter_rules}" ]; then ${ipfilter_program:-/sbin/ipf} -I -6 \ -f "${ipv6_ipfilter_rules}" ${ipfilter_flags} + if [ $? -ne 0 ]; then + err 1 'Load of IPv6 rules into alternate set failed; aborting reload' + fi fi ${ipfilter_program:-/sbin/ipf} -s =20 --pS0IeWLqOQV1qy0L-- --4D0iojmU0rbTyz/6 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (FreeBSD) iD8DBQFFTjJqocfcwTS3JF8RArApAKCO1sQxtI/njCUVU4KyhSgCvChhBACeLNTG 5GfuSsQDXQOWwGwKytcz5Do= =+pPx -----END PGP SIGNATURE----- --4D0iojmU0rbTyz/6-- From owner-freebsd-rc@FreeBSD.ORG Mon Nov 6 11:08:10 2006 Return-Path: X-Original-To: freebsd-rc@FreeBSD.org Delivered-To: freebsd-rc@FreeBSD.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0CBFB16A54F for ; Mon, 6 Nov 2006 11:08:10 +0000 (UTC) (envelope-from owner-bugmaster@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 71A5643D64 for ; Mon, 6 Nov 2006 11:08:09 +0000 (GMT) (envelope-from owner-bugmaster@FreeBSD.org) Received: from freefall.freebsd.org (linimon@localhost [127.0.0.1]) by freefall.freebsd.org (8.13.4/8.13.4) with ESMTP id kA6B89el014020 for ; Mon, 6 Nov 2006 11:08:09 GMT (envelope-from owner-bugmaster@FreeBSD.org) Received: (from linimon@localhost) by freefall.freebsd.org (8.13.4/8.13.4/Submit) id kA6B88Pr014016 for freebsd-rc@FreeBSD.org; Mon, 6 Nov 2006 11:08:08 GMT (envelope-from owner-bugmaster@FreeBSD.org) Date: Mon, 6 Nov 2006 11:08:08 GMT Message-Id: <200611061108.kA6B88Pr014016@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: linimon set sender to owner-bugmaster@FreeBSD.org using -f From: FreeBSD bugmaster To: freebsd-rc@FreeBSD.org Cc: Subject: Current problem reports assigned to you X-BeenThere: freebsd-rc@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion related to /etc/rc.d design and implementation." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Nov 2006 11:08:10 -0000 Current FreeBSD problem reports Critical problems Serious problems S Tracker Resp. Description -------------------------------------------------------------------------------- o conf/48881 rc [PATCH] The influence of /etc/start_ifname on /etc/rc. o conf/98734 rc [patch] /etc/rc.subr restart_postcmd is failing start_ o conf/98758 rc [patch] Templatize 'jail_fstab' in /etc/rc.d/jail o conf/98846 rc [patch] Templatize 'jail_rootdir' in /etc/rc.d/jail o bin/104623 rc "rc.d/ppp restart" stops all instances of ppp 5 problems total. Non-critical problems S Tracker Resp. Description -------------------------------------------------------------------------------- o conf/45226 rc Fix for rc.network, ppp-user annoyance o conf/48870 rc [PATCH] rc.network: allow to cancel interface status d o conf/55916 rc [PATCH] ppp-user options o conf/58939 rc [patch] dumb little hack for /etc/rc.firewall{,6} o conf/73677 rc [patch] add support for powernow states to power_profi o conf/74817 rc [patch] network.subr: fixed automatic configuration of o conf/77663 rc Suggestion: add /etc/rc.d/addnetswap after addcritremo o conf/78906 rc [patch] Allow mixer_enable="NO" in rc.conf o conf/79196 rc [PATCH] configurable dummynet loading from /etc/rc.co o kern/81006 rc ipnat not working with tunnel interfaces on startup o conf/85363 rc syntax error in /etc/rc.d/devfs o conf/85819 rc [patch] script allowing multiuser mode in spite of fsc o conf/88913 rc [patch] wrapper support for rc.subr o conf/89061 rc [patch] IPv6 6to4 auto-configuration enhancement o conf/89870 rc [patch] feature request to make netif verbose rc.conf o conf/92523 rc [patch] allow rc scripts to kill process after a timeo o conf/93815 rc [patch] Adds in the ability to save ipfw rules to rc.d o conf/95162 rc [patch] Missing feature in rc.subr o conf/96343 rc [patch] rc.d order change to start inet6 before pf o conf/96766 rc run_rc_command doesn't work for Python scripts o conf/97311 rc [patch] /etc/rc.d/ipfilter reload can load bad files o conf/99444 rc [patch] Enhancement: rc.subr could easily support star o conf/99595 rc [PATCH] /etc/rc.d/dhclient doesn't interact well with o conf/99721 rc [patch] /etc/rc.initdiskless problem copy dotfile in s o bin/100287 rc /etc/rc.subr cannot deal properly with interpreted dae o conf/102700 rc [PATCH] Add encrypted /tmp support to GELI/GBDE rc.d s o conf/102722 rc kerberos5 server startupscript should use --detach o conf/102913 rc /etc/rc.d/named killall in jailed OS o conf/103486 rc [rc.d] [patch] rc.d/jail: mount fstab after devfs o conf/103489 rc [rc.d] [patch] named_chroot_autoupdate doesn't work in o conf/103976 rc rc.d/named restart failure o conf/104408 rc command not set in rc.d/isdnd, can't stop isdnd with t o conf/104549 rc [patch] rc.d/nfsd needs special _find_processes functi o conf/104884 rc [patch] Add support EtherChannel configuration to rc.c o conf/105145 rc [PATCH] add redial function to rc.d/ppp 35 problems total. From owner-freebsd-rc@FreeBSD.ORG Sat Nov 11 10:49:44 2006 Return-Path: X-Original-To: freebsd-rc@hub.freebsd.org Delivered-To: freebsd-rc@hub.freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 15EBE16A416; Sat, 11 Nov 2006 10:49:44 +0000 (UTC) (envelope-from ceri@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9CE6F43D4C; Sat, 11 Nov 2006 10:49:43 +0000 (GMT) (envelope-from ceri@FreeBSD.org) Received: from freefall.freebsd.org (ceri@localhost [127.0.0.1]) by freefall.freebsd.org (8.13.4/8.13.4) with ESMTP id kABAnh6v093889; Sat, 11 Nov 2006 10:49:43 GMT (envelope-from ceri@freefall.freebsd.org) Received: (from ceri@localhost) by freefall.freebsd.org (8.13.4/8.13.4/Submit) id kABAnhbs093885; Sat, 11 Nov 2006 10:49:43 GMT (envelope-from ceri) Date: Sat, 11 Nov 2006 10:49:43 GMT From: Ceri Davies Message-Id: <200611111049.kABAnhbs093885@freefall.freebsd.org> To: david@bushong.net, ceri@FreeBSD.org, freebsd-rc@FreeBSD.org, ceri@FreeBSD.org Cc: Subject: Re: conf/97311: [patch] /etc/rc.d/ipfilter reload can load bad files X-BeenThere: freebsd-rc@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion related to /etc/rc.d design and implementation." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 11 Nov 2006 10:49:44 -0000 Synopsis: [patch] /etc/rc.d/ipfilter reload can load bad files State-Changed-From-To: open->patched State-Changed-By: ceri State-Changed-When: Sat Nov 11 10:49:05 UTC 2006 State-Changed-Why: Patched in -HEAD, thanks. Responsible-Changed-From-To: freebsd-rc->ceri Responsible-Changed-By: ceri Responsible-Changed-When: Sat Nov 11 10:49:05 UTC 2006 Responsible-Changed-Why: Patched in -HEAD, thanks. http://www.freebsd.org/cgi/query-pr.cgi?pr=97311