[Bug 212630] ipfw swap does not swap tables between sets

bugzilla-noreply at freebsd.org bugzilla-noreply at freebsd.org
Mon Sep 12 20:25:47 UTC 2016 

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=212630

            Bug ID: 212630
           Summary: ipfw swap does not swap tables between sets
           Product: Base System
           Version: 11.0-RC1
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: kern
          Assignee: freebsd-bugs at FreeBSD.org
          Reporter: avernar at gmail.com

I have net.inet.ip.fw.tables_sets=1 to place tables into sets.  The ipfw set
move command works and moves the tables into the new set.  The ipfw set swap
command does not swap the tables between sets.

#sysctl net.inet.ip.fw.tables_sets=1
#ipfw set 2 table test create
#ipfw set 3 table test create
#ipfw set 2 table test add 10.0.0.0/8
#ipfw add set 2 deny all from any to "table(test)" via tun
#ipfw -S table all list
--- table(test), set(3) ---
--- table(test), set(2) ---
10.0.0.0/8 0
#ipfw set swap 2 3
#ipfw -S table all list
--- table(test), set(3) ---
--- table(test), set(2) ---
10.0.0.0/8 0

It looks like the swap_sets_cb function in is getting called multiple times for
the same tables:

swap_sets_cb: no=0xfffff80013313d00, no->kidx=2, no->name=test, no->set=3,
args->set=2, args->new_set=3
swap_sets_cb: no=0xfffff800b21e0b00, no->kidx=1, no->name=test, no->set=2,
args->set=2, args->new_set=3
swap_sets_cb: no=0xfffff80013313d00, no->kidx=2, no->name=test, no->set=2,
args->set=2, args->new_set=3
swap_sets_cb: no=0xfffff800b21e0b00, no->kidx=1, no->name=test, no->set=3,
args->set=2, args->new_set=3
swap_sets_cb: no=0xfffff80013313d00, no->kidx=2, no->name=test, no->set=3,
args->set=2, args->new_set=3
swap_sets_cb: no=0xfffff800b21e0b00, no->kidx=1, no->name=test, no->set=2,
args->set=2, args->new_set=3
swap_sets_cb: no=0xfffff80013313d00, no->kidx=2, no->name=test, no->set=2,
args->set=2, args->new_set=3
swap_sets_cb: no=0xfffff800b21e0b00, no->kidx=1, no->name=test, no->set=3,
args->set=2, args->new_set=3
swap_sets_cb: no=0xfffff80013313d00, no->kidx=2, no->name=test, no->set=3,
args->set=2, args->new_set=3
swap_sets_cb: no=0xfffff800b21e0b00, no->kidx=1, no->name=test, no->set=2,
args->set=2, args->new_set=3
swap_sets_cb: no=0xfffff80013313d00, no->kidx=2, no->name=test, no->set=2,
args->set=2, args->new_set=3
swap_sets_cb: no=0xfffff800b21e0b00, no->kidx=1, no->name=test, no->set=3,
args->set=2, args->new_set=3

That is all the calls for one "ipfw set swap 2 3" command.  Since it's an even
number of calls for each object they all end up in their original sets instead
of swapped.

Ah, just figured out why.  Each table rewriter is asked to swap tables and
their are six rewriters.  Each rewriter's table_manage_sets calls
ipfw_obj_manage_sets to swap the two tables.  That's why I see 6 calls to
swap_sets_cb, 6 rewriters x 2 tables = 12 calls.  That's why it doesn't swap.

I also checked how many times move_sets_cb is called and it's also 12 times (6
* 2).  But for move it's only one way so it ends up working.

-- 
You are receiving this mail because:
You are the assignee for the bug.

More information about the freebsd-bugs mailing list