conf/163037: net/ifstated default configuration problem

[Filip Valder]

>Number:         163037
>Category:       conf
>Synopsis:       net/ifstated default configuration problem
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          doc-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sat Dec 03 12:50:10 UTC 2011
>Closed-Date:
>Last-Modified:
>Originator:     Filip Valder
>Release:        8.2-RELEASE
>Organization:
>Environment:
FreeBSD hlidac-ha.ulice 8.2-RELEASE FreeBSD 8.2-RELEASE #0: Fri Dec  2 22:08:52 CET 2011     root at hlidac-ha.ulice:/usr/obj/usr/src/sys/MYKERNEL  i386

>Description:
The ifstated conf taken from OpenBSD uses ping syntax from this OS. But there is a difference in the waittime (maxwait) parameter. OpenBSD uses lowercased "w" with seconds, but FreeBSD uses uppercased "W" with milliseconds.
>How-To-Repeat:
The problem persists.
>Fix:
See this inline patch:

--- ifstated.conf-sample        2010-09-10 00:10:44.000000000 +0200
+++ ifstated.conf-patched       2011-12-03 13:40:17.000000000 +0100
@@ -18,12 +18,12 @@
 # The "net" addresses are other addresses which can be used to determine
 # whether we have connectivity. Make sure the hosts are always up, or
 # test multiple ip's, 'or'-ing the tests.
-net = '( "ping -q -c 1 -w 1 192.168.6.8 > /dev/null" every 10 && \
-    "ping -q -c 1 -w 1 192.168.3.8 > /dev/null" every 10)'
+net = '( "ping -q -c 1 -W 1000 192.168.6.8 > /dev/null" every 10 && \
+    "ping -q -c 1 -W 1000 192.168.3.8 > /dev/null" every 10)'

 # The peer addresses below are the real ip addresses of the OTHER firewall
-peer = '( "ping -q -c 1 -w 1 192.168.6.7 > /dev/null" every 10 && \
-    "ping -q -c 1 -w 1 192.168.3.7 > /dev/null" every 10)'
+peer = '( "ping -q -c 1 -W 1000 192.168.6.7 > /dev/null" every 10 && \
+    "ping -q -c 1 -W 1000 192.168.3.7 > /dev/null" every 10)'

 state auto {
        if $carp_up


Patch attached with submission follows:

--- ifstated.conf-sample        2010-09-10 00:10:44.000000000 +0200
+++ ifstated.conf-patched       2011-12-03 13:40:17.000000000 +0100
@@ -18,12 +18,12 @@
 # The "net" addresses are other addresses which can be used to determine
 # whether we have connectivity. Make sure the hosts are always up, or
 # test multiple ip's, 'or'-ing the tests.
-net = '( "ping -q -c 1 -w 1 192.168.6.8 > /dev/null" every 10 && \
-    "ping -q -c 1 -w 1 192.168.3.8 > /dev/null" every 10)'
+net = '( "ping -q -c 1 -W 1000 192.168.6.8 > /dev/null" every 10 && \
+    "ping -q -c 1 -W 1000 192.168.3.8 > /dev/null" every 10)'

 # The peer addresses below are the real ip addresses of the OTHER firewall
-peer = '( "ping -q -c 1 -w 1 192.168.6.7 > /dev/null" every 10 && \
-    "ping -q -c 1 -w 1 192.168.3.7 > /dev/null" every 10)'
+peer = '( "ping -q -c 1 -W 1000 192.168.6.7 > /dev/null" every 10 && \
+    "ping -q -c 1 -W 1000 192.168.3.7 > /dev/null" every 10)'

 state auto {
	if $carp_up


>Release-Note:
>Audit-Trail:
>Unformatted: