From 306fe283a1ce93e48cb0c6c10f433e8c9d561ee8 Mon Sep 17 00:00:00 2001
From: Luigi Rizzo <luigi@FreeBSD.org>
Date: Mon, 19 Aug 2002 04:45:01 +0000
Subject: [PATCH] Raise limit for port lists to 30 entries/ranges.

Remove a duplicate "logging" message, and identify the firewall
as ipfw2 in the boot message.
---
 sys/netinet/ip_fw2.c | 10 ++++------
 1 file changed, 4 insertions(+), 6 deletions(-)

diff --git a/sys/netinet/ip_fw2.c b/sys/netinet/ip_fw2.c
index f5753e6a74f5..5ea8bcfdec34 100644
--- a/sys/netinet/ip_fw2.c
+++ b/sys/netinet/ip_fw2.c
@@ -2372,8 +2372,8 @@ check_ipfw_struct(struct ip_fw *rule, int size)
 
 		case O_MAC_TYPE:
 		case O_IP_SRCPORT:
-		case O_IP_DSTPORT: /* XXX artificial limit, 15 port pairs */
-			if (cmdlen < 2 || cmdlen > 15)
+		case O_IP_DSTPORT: /* XXX artificial limit, 30 port pairs */
+			if (cmdlen < 2 || cmdlen > 31)
 				goto bad_size;
 			break;
 
@@ -2692,14 +2692,13 @@ ipfw_init(void)
 	add_rule(&layer3_chain, &default_rule);
 
 	ip_fw_default_rule = layer3_chain;
-	printf("IP packet filtering initialized, divert %s, "
-		"rule-based forwarding %s, default to %s, logging ",
+	printf("ipfw2 initialized, divert %s, "
+		"rule-based forwarding enabled, default to %s, logging ",
 #ifdef IPDIVERT
 		"enabled",
 #else
 		"disabled",
 #endif
-		"enabled",
 		default_rule.cmd[0].opcode == O_ACCEPT ? "accept" : "deny");
 
 #ifdef IPFIREWALL_VERBOSE
@@ -2708,7 +2707,6 @@ ipfw_init(void)
 #ifdef IPFIREWALL_VERBOSE_LIMIT
 	verbose_limit = IPFIREWALL_VERBOSE_LIMIT;
 #endif
-	printf("logging ");
 	if (fw_verbose == 0)
 		printf("disabled\n");
 	else if (verbose_limit == 0)