removing some error states
Michael Sierchio
kudzu at tenebras.com
Sat May 5 19:20:32 UTC 2018
Hi, Julian -
On Sat, May 5, 2018 at 11:03 AM, Julian Elischer <julian at freebsd.org> wrote:
>...
> it was never "ignore errors" It's "ignore a certain class of error".
>
> table 3 add 1.1.1.1
>>> table 3 add 1.1.1.1 <- no error.. this is what I want..
>>>
>>
I'm wondering if it shouldn't be atomically idempotent, or...
On a public-facing machine, I throttle all traffic until I get a successful
auth event, and then add an IP to a table containing a whitelist, which
bypasses the restrictive pipes. With a time_t value denoting when it was
added. It would be nice if it simply replaced the arg value
table 3 add 1.1.1.1 1525547787
and sometime later
table 3 add 1.1.1.1 1525576587
which I'd like to succeed. With 11.0+ I can do this atomically with two
tables and swap them, but...
> table 3 swap 21 <-- doesn't quit, but doesn't generate a new
>>
>>
+1 on this. Again, UPSERT semantics instead of DELETE-then-CREATE, or
CREATE.
- M
More information about the freebsd-ipfw
mailing list