conf/163037: net/ifstated default configuration problem
Filip Valder
filip at valder.cz
Sat Dec 3 12:50:10 UTC 2011
>Number: 163037
>Category: conf
>Synopsis: net/ifstated default configuration problem
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: doc-bug
>Submitter-Id: current-users
>Arrival-Date: Sat Dec 03 12:50:10 UTC 2011
>Closed-Date:
>Last-Modified:
>Originator: Filip Valder
>Release: 8.2-RELEASE
>Organization:
>Environment:
FreeBSD hlidac-ha.ulice 8.2-RELEASE FreeBSD 8.2-RELEASE #0: Fri Dec 2 22:08:52 CET 2011 root at hlidac-ha.ulice:/usr/obj/usr/src/sys/MYKERNEL i386
>Description:
The ifstated conf taken from OpenBSD uses ping syntax from this OS. But there is a difference in the waittime (maxwait) parameter. OpenBSD uses lowercased "w" with seconds, but FreeBSD uses uppercased "W" with milliseconds.
>How-To-Repeat:
The problem persists.
>Fix:
See this inline patch:
--- ifstated.conf-sample 2010-09-10 00:10:44.000000000 +0200
+++ ifstated.conf-patched 2011-12-03 13:40:17.000000000 +0100
@@ -18,12 +18,12 @@
# The "net" addresses are other addresses which can be used to determine
# whether we have connectivity. Make sure the hosts are always up, or
# test multiple ip's, 'or'-ing the tests.
-net = '( "ping -q -c 1 -w 1 192.168.6.8 > /dev/null" every 10 && \
- "ping -q -c 1 -w 1 192.168.3.8 > /dev/null" every 10)'
+net = '( "ping -q -c 1 -W 1000 192.168.6.8 > /dev/null" every 10 && \
+ "ping -q -c 1 -W 1000 192.168.3.8 > /dev/null" every 10)'
# The peer addresses below are the real ip addresses of the OTHER firewall
-peer = '( "ping -q -c 1 -w 1 192.168.6.7 > /dev/null" every 10 && \
- "ping -q -c 1 -w 1 192.168.3.7 > /dev/null" every 10)'
+peer = '( "ping -q -c 1 -W 1000 192.168.6.7 > /dev/null" every 10 && \
+ "ping -q -c 1 -W 1000 192.168.3.7 > /dev/null" every 10)'
state auto {
if $carp_up
Patch attached with submission follows:
--- ifstated.conf-sample 2010-09-10 00:10:44.000000000 +0200
+++ ifstated.conf-patched 2011-12-03 13:40:17.000000000 +0100
@@ -18,12 +18,12 @@
# The "net" addresses are other addresses which can be used to determine
# whether we have connectivity. Make sure the hosts are always up, or
# test multiple ip's, 'or'-ing the tests.
-net = '( "ping -q -c 1 -w 1 192.168.6.8 > /dev/null" every 10 && \
- "ping -q -c 1 -w 1 192.168.3.8 > /dev/null" every 10)'
+net = '( "ping -q -c 1 -W 1000 192.168.6.8 > /dev/null" every 10 && \
+ "ping -q -c 1 -W 1000 192.168.3.8 > /dev/null" every 10)'
# The peer addresses below are the real ip addresses of the OTHER firewall
-peer = '( "ping -q -c 1 -w 1 192.168.6.7 > /dev/null" every 10 && \
- "ping -q -c 1 -w 1 192.168.3.7 > /dev/null" every 10)'
+peer = '( "ping -q -c 1 -W 1000 192.168.6.7 > /dev/null" every 10 && \
+ "ping -q -c 1 -W 1000 192.168.3.7 > /dev/null" every 10)'
state auto {
if $carp_up
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-bugs
mailing list