The following reply was made to PR bin/115372; it has been noted by GNATS.
From: Tsurutani Naoki <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED], "Andrey V. Elsukov" <[EMAIL PROTECTED]>
Cc: Maxim Konovalov <[EMAIL PROTECTED]>, Oleg Bulyzhin <[EMAIL PROTECTED]>
Subject: Re: bin/115372: [ipfw]: "ipfw show" prints ill result.
Date: Fri, 10 Aug 2007 18:30:58 +0900
Hello,
"Andrey V. Elsukov" <[EMAIL PROTECTED]> wrote:
> this bug was not introduced by mentioned commit.
> You can see this bug also with following rules:
> # ipfw add allow ip from any to any not ipid 1,2,3,4,5
> # ipfw add allow ip from any to any not ipttl 1,2,3,4,5
> # ipfw add allow ip from any to any not iplen 1,2,3,4,5
> and "not tcpdatalen 1,2,3,4", "not tagged 1,2,3,4".
That's right.
I tried some of above, and the previous version can produce
duplicated "not".
On my FreeBSD 6-STABLE host, the patch should be modified (only about line
numbers),
like following;
@@ -632,8 +632,6 @@
int i;
char const *sep;
- if (cmd->o.len & F_NOT)
- printf(" not");
if (opcode != 0) {
sep = match_value(_port_name, opcode);
if (sep == NULL)
@@ -1715,6 +1713,8 @@
show_prerequisites(&flags, HAVE_PROTO|HAVE_SRCIP, 0);
if ((cmd->len & F_OR) && !or_block)
printf(" {");
+ if (cmd->len & F_NOT)
+ printf(" not");
print_newports((ipfw_insn_u16 *)cmd, proto,
(flags & HAVE_OPTIONS) ? cmd->opcode : 0);
break;
However, I do not know whether it is perfect or insufficient.
Please fix as you think good.
Thank you for your follow-up and patch.
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
