From owner-cvs-all  Sun May 12 13:43:55 2002
Delivered-To: cvs-all@freebsd.org
Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21])
	by hub.freebsd.org (Postfix) with ESMTP
	id EDAC537B401; Sun, 12 May 2002 13:43:50 -0700 (PDT)
Received: (from luigi@localhost)
	by freefall.freebsd.org (8.11.6/8.11.6) id g4CKhod56192;
	Sun, 12 May 2002 13:43:50 -0700 (PDT)
	(envelope-from luigi)
Message-Id: <200205122043.g4CKhod56192@freefall.freebsd.org>
From: Luigi Rizzo <luigi@FreeBSD.org>
Date: Sun, 12 May 2002 13:43:50 -0700 (PDT)
To: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org
Subject: cvs commit: src/sys/netinet ip_fw.c
X-FreeBSD-CVS-Branch: HEAD
Sender: owner-cvs-all@FreeBSD.ORG
Precedence: bulk
List-ID: <cvs-all.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20cvs-all>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20cvs-all>
X-Loop: FreeBSD.ORG

luigi       2002/05/12 13:43:50 PDT

  Modified files:
    sys/netinet          ip_fw.c 
  Log:
  Add code to match MAC header fields (at the moment supported on
  bridged packets only, soon to come also for packets on ordinary
  ether_input() and ether_output() paths. The syntax is
  
      ipfw add <action> MAC dst src type
  
  where dst and src can be "any" or a MAC address optionallyfollowed
  by a mask, e.g.
  
          10:20:30:40:50
          10:20:30:40:50/32
          10:20:30:40:50&ff:ff:ff:f0:ff:0f
  
  and type can be a single ethernet type, a range, or a type followed by
  a mask (values are always in hexadecimal) e.g.
  
          0800
          0800-0806
          0800/8
          0800&03ff
  
  Note, I am still uncertain on what is the best format for inputting
  these values, having the values in hexadecimal is convenient in most
  cases but can be confusing sometimes. Suggestions welcome.
  
  Implement suggestion from PR 37778 to allow "not me" on destination
  and source IP. The code in the PR was slightly wrong and interfered
  with the normal handling of IP addresses. This version hopefully is
  correct.
  
  Minor cleanup of the code, in some places moving the indentation to 4
  spaces because the code was becoming too deep. Eventually, in a
  separate commit, I will move the whole file to 4 space indent.
  
  Revision  Changes    Path
  1.186     +108 -62   src/sys/netinet/ip_fw.c

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message