From dpelleg@cs.cmu.edu  Sat Dec  7 15:08:39 2002
Return-Path: <dpelleg@cs.cmu.edu>
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 4F98D37B401
	for <FreeBSD-gnats-submit@freebsd.org>; Sat,  7 Dec 2002 15:08:39 -0800 (PST)
Received: from gw.pelleg.org (gw.pelleg.org [205.201.13.235])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 7BCD043EB2
	for <FreeBSD-gnats-submit@freebsd.org>; Sat,  7 Dec 2002 15:08:38 -0800 (PST)
	(envelope-from dpelleg@cs.cmu.edu)
Received: from lank.auton.cs.cmu.edu (lank.wburn [192.168.3.41])
	(using TLSv1 with cipher EDH-RSA-DES-CBC3-SHA (168/168 bits))
	(Client CN "dpelleg.dsl.telerama.com", Issuer "Dan Pelleg" (verified OK))
	by gw.pelleg.org (Postfix) with ESMTP id 0280357F3
	for <FreeBSD-gnats-submit@freebsd.org>; Sat,  7 Dec 2002 18:08:32 -0500 (EST)
Received: by lank.auton.cs.cmu.edu (Postfix, from userid 7675)
	id 7241473F; Sat,  7 Dec 2002 18:08:30 -0500 (EST)
Message-Id: <20021207230830.7241473F@lank.auton.cs.cmu.edu>
Date: Sat,  7 Dec 2002 18:08:30 -0500 (EST)
From: Dan Pelleg <daniel+bsd@pelleg.org>
Reply-To: Dan Pelleg <daniel+bsd@pelleg.org>
To: FreeBSD-gnats-submit@freebsd.org
Cc:
Subject: [PATCH] logamount in ipfw2 does not default to net.inet.ip.fw.verbose_limit
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         46080
>Category:       kern
>Synopsis:       [PATCH] logamount in ipfw2 does not default to net.inet.ip.fw.verbose_limit
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    maxim
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sat Dec 07 15:10:01 PST 2002
>Closed-Date:    Tue Sep 07 06:39:59 GMT 2004
>Last-Modified:  Tue Sep 07 06:39:59 GMT 2004
>Originator:     Dan Pelleg
>Release:        FreeBSD 4.7-STABLE i386
>Organization:
>Environment:
System: FreeBSD l 4.7-STABLE FreeBSD 4.7-STABLE #0: Sat Dec 7 17:24:18 EST 2002 d@l:/usr/scratch/obj/usr/src/sys/L i386
	
>Description:
The "log" option in ipfw2 works differently than it does in
ipfw. When given no "logamount" argument, then ipfw does as the man page
says and sets the limit to the value of net.inet.ip.fw.verbose_limit.
On the other hand, ipfw2 sets it to zero (meaning unlimited logging).


>How-To-Repeat:
	ipfw add log ip from any to any
>Fix:
Under the assumption that the man page is correct, and ipfw2's code is wrong:

--- src/sbin/ipfw/ipfw2.c.orig	Sat Dec  7 17:51:42 2002
+++ src/sbin/ipfw/ipfw2.c	Sat Dec  7 17:56:37 2002
@@ -2632,7 +2632,14 @@
 			if (c->max_log < 0)
 				errx(EX_DATAERR, "logamount must be positive");
 			ac--; av++;
-		}
+		} else {
+			size_t len = sizeof(c->max_log);
+
+			if (sysctlbyname("net.inet.ip.fw.verbose_limit",
+			    &c->max_log, &len, NULL, 0) == -1)
+				errx(1, "sysctlbyname(\"%s\")",
+				    "net.inet.ip.fw.verbose_limit");
+        }
 		cmd = next_cmd(cmd);
 	}
 

>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-bugs->ipfw 
Responsible-Changed-By: johan 
Responsible-Changed-When: Wed Feb 5 01:58:44 PST 2003 
Responsible-Changed-Why:  
Over to maintainer group. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=46080 

From: "Simon L. Nielsen" <simon@nitro.dk>
To: freebsd-gnats-submit@FreeBSD.org, daniel+bsd@pelleg.org
Cc:  
Subject: Re: kern/46080: [PATCH] logamount in ipfw2 does not default to net.inet.ip.fw.verbose_limit
Date: Sat, 8 Feb 2003 13:47:11 +0100

 --oyUTqETQ0mS9luUI
 Content-Type: text/plain; charset=us-ascii
 Content-Disposition: inline
 Content-Transfer-Encoding: quoted-printable
 
 
 Hello
 
 I tested this on 4.7-STABLE from Feb 6 and I see the same problem, but
 the patch in this PR worked correctly for me.
 
 =46rom a quick look at the -CURRENT code it appears to have the same
 problem.
 
 --=20
 Simon L. Nielsen
 
 --oyUTqETQ0mS9luUI
 Content-Type: application/pgp-signature
 Content-Disposition: inline
 
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.2.1 (FreeBSD)
 
 iD8DBQE+RPxO8kocFXgPTRwRAoaHAJ9I7N05TSClhv0SAU9DYW3dJIUVcACfdzno
 LQJfYkWKO+hiBO4uBRn1qpQ=
 =J0oN
 -----END PGP SIGNATURE-----
 
 --oyUTqETQ0mS9luUI--

From: Jed Clear <clear@alum.mit.edu>
To: freebsd-gnats-submit@FreeBSD.org, daniel+bsd@pelleg.org
Cc:  
Subject: Re: kern/46080: [PATCH] logamount in ipfw2 does not default to 
 net.inet.ip.fw.verbose_limit
Date: Wed, 03 Dec 2003 22:57:55 -0500

 This still seems to be a mis-feature in 4.9-R.
 
 The patch seems viable in 4.9, although I applied it by hand.
 
 How do we get the patch noticed for inclusion in stable?
 
 -Jed
State-Changed-From-To: open->patched 
State-Changed-By: maxim 
State-Changed-When: Sun Aug 29 08:27:04 GMT 2004 
State-Changed-Why:  
Fixed in -CURRENT, thanks! 

http://www.freebsd.org/cgi/query-pr.cgi?pr=46080 
Responsible-Changed-From-To: ipfw->maxim 
Responsible-Changed-By: maxim 
Responsible-Changed-When: Sun Aug 29 08:27:36 GMT 2004 
Responsible-Changed-Why:  
MFC reminder. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=46080 
State-Changed-From-To: patched->closed 
State-Changed-By: maxim 
State-Changed-When: Tue Sep 7 06:39:31 GMT 2004 
State-Changed-Why:  
Fixed in RELENG_4 and RELENG_5 as well.  Thanks! 

http://www.freebsd.org/cgi/query-pr.cgi?pr=46080 
>Unformatted:
