From bz@zabbadoz.net  Sat Dec 20 12:31:56 2003
Return-Path: <bz@zabbadoz.net>
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id BEE2616A4CF
	for <freebsd-gnats-submit@freebsd.org>; Sat, 20 Dec 2003 12:31:49 -0800 (PST)
Received: from transport.cksoft.de (transport.cksoft.de [62.111.66.27])
	by mx1.FreeBSD.org (Postfix) with ESMTP id DEA1743D48
	for <freebsd-gnats-submit@freebsd.org>; Sat, 20 Dec 2003 12:31:45 -0800 (PST)
	(envelope-from bz@zabbadoz.net)
Received: from transport.cksoft.de (localhost [127.0.0.1])
	by transport.cksoft.de (Postfix) with ESMTP id C0D531FF931
	for <freebsd-gnats-submit@freebsd.org>; Sat, 20 Dec 2003 13:44:35 +0100 (CET)
Received: by transport.cksoft.de (Postfix, from userid 66)
	id 25F361FF90C; Sat, 20 Dec 2003 13:44:34 +0100 (CET)
Received: by mail.int.zabbadoz.net (Postfix, from userid 1060)
	id CF655153ED; Sat, 20 Dec 2003 12:44:02 +0000 (UTC)
Message-Id: <20031220124402.CF655153ED@mail.int.zabbadoz.net>
Date: Sat, 20 Dec 2003 12:44:02 +0000 (UTC)
From: "Bjoern A. Zeeb" <bzeeb+freebsd@zabbadoz.net>
Reply-To: "Bjoern A. Zeeb" <bzeeb+freebsd@zabbadoz.net>
To: FreeBSD-gnats-submit@freebsd.org
Cc: bzeeb+freebsd@zabbadoz.net
Subject: ipfw: permit use of flush w/ preprocessor
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         60433
>Category:       bin
>Synopsis:       ipfw: permit use of flush w/ preprocessor
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    maxim
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Sat Dec 20 12:40:21 PST 2003
>Closed-Date:    Thu Jan 15 05:03:29 PST 2004
>Last-Modified:  Thu Jan 15 05:03:29 PST 2004
>Originator:     Bjoern A. Zeeb
>Release:        FreeBSD 5.2-CURRENT i386
>Organization:
Zabbadoz.NeT
>Environment:
FreeBSD crisco.sbone.de 5.2-CURRENT FreeBSD 5.2-CURRENT #0: Mon Dec  8 17:21:44 UTC 2003     bz@noc.int.zabbadoz.net:/export/src/src/obj/export/src/src/HEAD/compile-crisco-20031208-1530/sys/ZAB1-2003120101-CF  i386

>Description:

when using a preprocessor for adding ipfw rules
and the preprocessor output includes a flush
command  thw user will always be asked for confirmation
(I also got asked at boot time) which is not practical.

Further -f (don't ask for confirmation) didn't
work with -p up to now.

>How-To-Repeat:

# echo "flush" >> /tmp/ipfw-rules.m4

# ipfw -f  -p /usr/bin/m4 /tmp/ipfw-rules.m4
ipfw: illegal option -- f
ipfw: bad arguments, for usage summary ``ipfw''

# ipfw -p /usr/bin/m4 /tmp/ipfw-rules.m4
command is /usr/bin/m4
Are you sure? [yn] y

Flushed all rules.

>Fix:

this patch updates ipfw binary and manpage to also
support -f with -p.

--- src/sbin/ipfw/ipfw2.c.orig	Fri Dec 12 18:01:31 2003
+++ src/sbin/ipfw/ipfw2.c	Fri Dec 12 19:22:50 2003
@@ -63,6 +63,7 @@
 		do_dynamic,		/* display dynamic rules */
 		do_expired,		/* display expired dynamic rules */
 		do_compact,		/* show rules in compact mode */
+		do_force,		/* Don't ask for confirmation */
 		show_sets,		/* display rule sets */
 		test_only,		/* only check syntax */
 		comment_only,		/* only print action and comment */
@@ -3593,7 +3594,6 @@
 	int ch, ac, save_ac;
 	char **av, **save_av;
 	int do_acct = 0;		/* Show packet/byte count */
-	int do_force = 0;		/* Don't ask for confirmation */
 
 #define WHITESP		" \t\f\v\n\r"
 	if (oldac == 0)
@@ -3678,7 +3678,9 @@
 	}
 
 	/* Set the force flag for non-interactive processes */
-	do_force = !isatty(STDIN_FILENO);
+	if (!do_force) {
+		do_force = !isatty(STDIN_FILENO);
+	}
 
 	/* Save arguments for final freeing of memory. */
 	save_ac = ac;
@@ -3840,10 +3842,14 @@
 
 	filename = av[ac-1];
 
-	while ((c = getopt(ac, av, "cNnp:qS")) != -1) {
+	while ((c = getopt(ac, av, "cfNnp:qS")) != -1) {
 		switch(c) {
 		case 'c':
 			do_compact = 1;
+			break;
+
+		case 'f':
+			do_force = 1;
 			break;
 
 		case 'N':
--- src/sbin/ipfw/ipfw.8.orig	Fri Dec 12 19:23:03 2003
+++ src/sbin/ipfw/ipfw.8	Fri Dec 12 19:24:21 2003
@@ -1,7 +1,7 @@
 .\"
 .\" $FreeBSD: src/sbin/ipfw/ipfw.8,v 1.135 2003/12/12 16:14:28 luigi Exp $
 .\"
-.Dd December 1, 2003
+.Dd December 12, 2003
 .Dt IPFW 8
 .Os
 .Sh NAME
@@ -54,7 +54,7 @@
 .Op Ar number ...
 .Pp
 .Nm
-.Op Fl cnNqS
+.Op Fl cfnNqS
 .Oo
 .Fl p Ar preproc
 .Oo

>Release-Note:
>Audit-Trail:
State-Changed-From-To: open->patched 
State-Changed-By: maxim 
State-Changed-When: Wed Dec 24 05:04:14 PST 2003 
State-Changed-Why:  
Committed to -CURRENT, thanks! 


Responsible-Changed-From-To: freebsd-bugs->maxim 
Responsible-Changed-By: maxim 
Responsible-Changed-When: Wed Dec 24 05:04:14 PST 2003 
Responsible-Changed-Why:  
MFC reminder. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=60433 
State-Changed-From-To: patched->closed 
State-Changed-By: maxim 
State-Changed-When: Thu Jan 15 05:03:08 PST 2004 
State-Changed-Why:  
Fixed in -STABLE as well. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=60433 
>Unformatted:
