Bug 241013 - ipfw: Silence firewall_logif on ipfw service restart
Summary: ipfw: Silence firewall_logif on ipfw service restart
Status: New
Alias: None
Product: Base System
Classification: Unclassified
Component: conf (show other bugs)
Version: CURRENT
Hardware: Any Any
: --- Affects Only Me
Assignee: freebsd-ipfw (Nobody)
URL:
Keywords: patch
Depends on:
Blocks:
 
Reported: 2019-10-02 13:51 UTC by Jose Luis Duran
Modified: 2020-07-13 13:11 UTC (History)
1 user (show)

See Also:


Attachments
Silence firewall_logif on ipfw service restart (390 bytes, patch)
2019-10-02 13:51 UTC, Jose Luis Duran
no flags Details | Diff
Disable logging and destroy ipfw0 interface upon service stop (522 bytes, patch)
2020-07-07 08:49 UTC, Jose Luis Duran
no flags Details | Diff
Disable the interface ipfw0 upon service stop (402 bytes, patch)
2020-07-07 15:55 UTC, Jose Luis Duran
no flags Details | Diff
Less destructive approach (503 bytes, patch)
2020-07-13 11:43 UTC, Jose Luis Duran
no flags Details | Diff
Tell the user if the interface already existed (593 bytes, patch)
2020-07-13 13:11 UTC, Jose Luis Duran
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Jose Luis Duran 2019-10-02 13:51:19 UTC
Created attachment 208032 [details]
Silence firewall_logif on ipfw service restart

Once the ipfw0 interface has been created, ifconfig(8) create will throw a warning: `ifconfig: create: bad value' when trying to create it again.
    
This patch silences it.
Comment 1 Jose Luis Duran 2020-07-07 08:36:49 UTC
(In reply to Jose Luis Duran from comment #0)

The warning message is more descriptive now.  Not sure if silencing it is really a benefit:

    ifconfig: interface ipfw0 already exists
Comment 2 Jose Luis Duran 2020-07-07 08:49:55 UTC
Created attachment 216277 [details]
Disable logging and destroy ipfw0 interface upon service stop

Second option just in case.
Comment 3 lutz 2020-07-07 15:51:18 UTC
I oppose this approach.

Modifying a sysctl value in the background is surprising to the user.

I do not see any code for retaining the old value for the next usage. So if the service is restarted, the log-sysctl value will unconditionally lost and any new messages will be suppressed.
Comment 4 Jose Luis Duran 2020-07-07 15:54:22 UTC
(In reply to lutz from comment #3)

That is understandable. Attached is patch3 (also just in case) which disables only the interface.
Comment 5 Jose Luis Duran 2020-07-07 15:55:31 UTC
Created attachment 216298 [details]
Disable the interface ipfw0 upon service stop

Destroy just the interface and leave the sysctl on. (option 3).
Comment 6 Jose Luis Duran 2020-07-13 11:43:22 UTC
Created attachment 216416 [details]
Less destructive approach

Take 4: Do not attempt to create interface if it already exists.
Comment 7 Jose Luis Duran 2020-07-13 13:11:03 UTC
Created attachment 216419 [details]
Tell the user if the interface already existed