From 0c17df02f582ec6edd2c5bd936780bf18f471ee6 Mon Sep 17 00:00:00 2001
From: oleg <oleg@FreeBSD.org>
Date: Wed, 11 Apr 2018 11:12:20 +0000
Subject: [PATCH] Fix ipfw table creation when net.inet.ip.fw.tables_sets = 0
 and non zero set specified on table creation. This fixes following:

# sysctl net.inet.ip.fw.tables_sets
net.inet.ip.fw.tables_sets: 0
# ipfw table all info
# ipfw set 1 table 1 create type addr
# ipfw set 1 table 1 create type addr
# ipfw add 10 set 1 count ip from table\(1\) to any
00010 count ip from table(1) to any
# ipfw add 10 set 1 count ip from table\(1\) to any
00010 count ip from table(1) to any
# ipfw table all info
--- table(1), set(1) ---
 kindex: 4, type: addr
 references: 1, valtype: legacy
 algorithm: addr:radix
 items: 0, size: 296
--- table(1), set(1) ---
 kindex: 3, type: addr
 references: 1, valtype: legacy
 algorithm: addr:radix
 items: 0, size: 296
--- table(1), set(1) ---
 kindex: 2, type: addr
 references: 0, valtype: legacy
 algorithm: addr:radix
 items: 0, size: 296
--- table(1), set(1) ---
 kindex: 1, type: addr
 references: 0, valtype: legacy
 algorithm: addr:radix
 items: 0, size: 296
#

MFC after:	1 week
---
 sys/netpfil/ipfw/ip_fw_table.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sys/netpfil/ipfw/ip_fw_table.c b/sys/netpfil/ipfw/ip_fw_table.c
index 579ceaf5a474..67593aa9e2fc 100644
--- a/sys/netpfil/ipfw/ip_fw_table.c
+++ b/sys/netpfil/ipfw/ip_fw_table.c
@@ -3171,7 +3171,7 @@ alloc_table_config(struct ip_fw_chain *ch, struct tid_info *ti,
 		if (ntlv == NULL)
 			return (NULL);
 		name = ntlv->name;
-		set = ntlv->set;
+		set = (V_fw_tables_sets == 0) ? 0 : ntlv->set;
 	} else {
 		/* Compat part: convert number to string representation */
 		snprintf(bname, sizeof(bname), "%d", ti->uidx);