bin/115372: [ipfw]: "ipfw show" prints ill result.

[Tsurutani Naoki]

The following reply was made to PR bin/115372; it has been noted by GNATS.

From: Tsurutani Naoki <turutani at scphys.kyoto-u.ac.jp>
To: bug-followup at FreeBSD.org, "Andrey V. Elsukov" <bu7cher at yandex.ru>
Cc: Maxim Konovalov <maxim at FreeBSD.org>, Oleg Bulyzhin <oleg at FreeBSD.org>
Subject: Re: bin/115372: [ipfw]: "ipfw show" prints ill result.
Date: Fri, 10 Aug 2007 18:30:58 +0900

 Hello,
 
 "Andrey V. Elsukov" <bu7cher at yandex.ru> wrote:
 
 > this bug was not introduced by mentioned commit.
 > You can see this bug also with following rules:
 > # ipfw add allow ip from any to any not ipid 1,2,3,4,5
 > # ipfw add allow ip from any to any not ipttl 1,2,3,4,5
 > # ipfw add allow ip from any to any not iplen 1,2,3,4,5
 > and "not tcpdatalen 1,2,3,4", "not tagged 1,2,3,4".
 
 That's right.
 I tried some of above, and the previous version can produce
 duplicated "not".
 On my FreeBSD 6-STABLE host, the patch should be modified (only about line numbers),
 like following;
 @@ -632,8 +632,6 @@
         int i;
         char const *sep;
 
 -       if (cmd->o.len & F_NOT)
 -               printf(" not");
         if (opcode != 0) {
                 sep = match_value(_port_name, opcode);
                 if (sep == NULL)
 @@ -1715,6 +1713,8 @@
                         show_prerequisites(&flags, HAVE_PROTO|HAVE_SRCIP, 0);
                         if ((cmd->len & F_OR) && !or_block)
                                 printf(" {");
 +                       if (cmd->len & F_NOT)
 +                               printf(" not");
                         print_newports((ipfw_insn_u16 *)cmd, proto,
                                 (flags & HAVE_OPTIONS) ? cmd->opcode : 0);
                         break;
 
 However, I do not know whether it is perfect or insufficient.
 Please fix as you think good.
 Thank you for your follow-up and patch.