Re: Small problem with "ipfw list"

Tue, 09 Mar 2010 08:36:58 -0800 

On Tue, Mar 09, 2010 at 03:36:15PM +0100, Oliver Fromme wrote:
> Hi,
> 
> Just a question:  Is the output from "ipfw list" supposed
> to be in the same rule format that is accepted as input?

it is not, partly due to backward compatibility.
If you try "ipfw -c show" then you might have better luck though.

cheers
luigi

> If that's the case, then there is a small bug:
> 
> # ipfw add 100 allow ip from any to '{' 1.1.1.1 or 2.2.2.2 '}'
> 00100 allow ip from any to '{' 1.1.1.1 or dst-ip 2.2.2.2 '}'
> # ipfw list 100
> 00100 allow ip from any to '{' 1.1.1.1 or dst-ip 2.2.2.2 '}'
> # ipfw add 200 allow ip from any to '{' 1.1.1.1 or dst-ip 2.2.2.2 '}'
> ipfw: hostname ``dst-ip'' unknown
> 
> So it inserts the word "dst-ip" in the output when an "or"
> block is used, but that word isn't accepted as input.
> 
> I think the output from "ipfw list" should be valid rule
> format that could be fed back as input to ipfw(8).
> 
> In fact that's exactly what I need to do in a script that
> I've written recently, and the "dst-ip" problem bit me.
> I had to work around it with sed(1).
> 
> Best regards
>    Oliver
> 
> -- 
> Oliver Fromme, secnetix GmbH & Co. KG, Marktplatz 29, 85567 Grafing b. M.
> Handelsregister: Registergericht Muenchen, HRA 74606,  Gesch?ftsfuehrung:
> secnetix Verwaltungsgesellsch. mbH, Handelsregister: Registergericht M?n-
> chen, HRB 125758,  Gesch?ftsf?hrer: Maik Bachmann, Olaf Erb, Ralf Gebhart
> 
> FreeBSD-Dienstleistungen, -Produkte und mehr:  http://www.secnetix.de/bsd
> 
> "Python is an experiment in how much freedom programmers need.
> Too much freedom and nobody can read another's code; too little
> and expressiveness is endangered."
>         -- Guido van Rossum
> _______________________________________________
> freebsd-ipfw@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw
> To unsubscribe, send any mail to "freebsd-ipfw-unsubscr...@freebsd.org"
_______________________________________________
freebsd-ipfw@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw
To unsubscribe, send any mail to "freebsd-ipfw-unsubscr...@freebsd.org"

Reply via email to