svn commit: r337536 - head/sbin/ipfw

Rodney W. Grimes freebsd at pdx.rh.CN85.dnsmgr.net
Thu Aug 9 14:28:51 UTC 2018 

> Author: ae
> Date: Thu Aug  9 12:46:30 2018
> New Revision: 337536
> URL: https://svnweb.freebsd.org/changeset/base/337536
> 
> Log:
>   If -q flag is specified, do not complain when we are trying to delete
>   nonexistent NAT instance or nonexistent rule.

It would probably be better to not overload -q with what is
usually a -f like functionality of a command.  Sadly -f is
already used in ipfw, so another option should be choosen.

>   This allows execute batched `delete` commands and do not fail when
>   found nonexistent rule.

So now I can not code a quiet ipfw command that does fail when
I give it a bad delete command :-(.

>   Obtained from:	Yandex LLC
>   MFC after:	2 weeks
>   Sponsored by:	Yandex LLC
> 
> Modified:
>   head/sbin/ipfw/ipfw2.c
> 
> Modified: head/sbin/ipfw/ipfw2.c
> ==============================================================================
> --- head/sbin/ipfw/ipfw2.c	Thu Aug  9 12:17:03 2018	(r337535)
> +++ head/sbin/ipfw/ipfw2.c	Thu Aug  9 12:46:30 2018	(r337536)
> @@ -3271,9 +3271,11 @@ ipfw_delete(char *av[])
>  			exitval = do_cmd(IP_FW_NAT_DEL, &i, sizeof i);
>  			if (exitval) {
>  				exitval = EX_UNAVAILABLE;
> -				warn("rule %u not available", i);
> +				if (co.do_quiet)
> +					continue;
> +				warn("nat %u not available", i);
>  			}
> - 		} else if (co.do_pipe) {
> +		} else if (co.do_pipe) {
>  			exitval = ipfw_delete_pipe(co.do_pipe, i);
>  		} else {
>  			memset(&rt, 0, sizeof(rt));
> @@ -3295,10 +3297,14 @@ ipfw_delete(char *av[])
>  			i = do_range_cmd(IP_FW_XDEL, &rt);
>  			if (i != 0) {
>  				exitval = EX_UNAVAILABLE;
> +				if (co.do_quiet)
> +					continue;
>  				warn("rule %u: setsockopt(IP_FW_XDEL)",
>  				    rt.start_rule);
>  			} else if (rt.new_set == 0 && do_set == 0) {
>  				exitval = EX_UNAVAILABLE;
> +				if (co.do_quiet)
> +					continue;
>  				if (rt.start_rule != rt.end_rule)
>  					warnx("no rules rules in %u-%u range",
>  					    rt.start_rule, rt.end_rule);
> @@ -3308,7 +3314,7 @@ ipfw_delete(char *av[])
>  			}
>  		}
>  	}
> -	if (exitval != EX_OK)
> +	if (exitval != EX_OK && co.do_quiet == 0)
>  		exit(exitval);
>  }
>  
> 
> 

-- 
Rod Grimes                                                 rgrimes at freebsd.org

More information about the svn-src-all mailing list