From owner-freebsd-net  Wed Oct  2  9:56:31 2002
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 38FA637B401
	for <freebsd-net@FreeBSD.ORG>; Wed,  2 Oct 2002 09:56:30 -0700 (PDT)
Received: from tp.databus.com (p70-227.acedsl.com [66.114.70.227])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 9339843E3B
	for <freebsd-net@FreeBSD.ORG>; Wed,  2 Oct 2002 09:56:29 -0700 (PDT)
	(envelope-from barney@tp.databus.com)
Received: from tp.databus.com (localhost.databus.com [127.0.0.1])
	by tp.databus.com (8.12.6/8.12.6) with ESMTP id g92GuSE0075938;
	Wed, 2 Oct 2002 12:56:28 -0400 (EDT)
	(envelope-from barney@tp.databus.com)
Received: (from barney@localhost)
	by tp.databus.com (8.12.6/8.12.6/Submit) id g92GuRgB075937;
	Wed, 2 Oct 2002 12:56:27 -0400 (EDT)
Date: Wed, 2 Oct 2002 12:56:27 -0400
From: Barney Wolff <barney@tp.databus.com>
To: Luigi Rizzo <rizzo@icir.org>
Cc: Andrey Simonenko <simon@simon.org.ua>, freebsd-net@FreeBSD.ORG
Subject: Re: Q about sbin/ipfw2.c:list()
Message-ID: <20021002165627.GA75843@tp.databus.com>
References: <20021002141006.A1093-100000@lion.com.ua> <20021002062546.C22163@iguana.icir.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20021002062546.C22163@iguana.icir.org>
User-Agent: Mutt/1.4i
X-Scanned-By: MIMEDefang 2.21 (www . roaringpenguin . com / mimedefang)
Sender: owner-freebsd-net@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-net.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-net>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-net>
X-Loop: FreeBSD.org

Hmmm.  In ipfw1 there is always a rule 65535, unless I'm confused.
Is that not true of ipfw2?  In either case, should it or should it
not be counted?  Can it ever be deleted?  Can one have multiple
rules with the same number, as one can with ipfw1?  What happens
if there are multiple rules with number 65535?  I know, UTSL.

On Wed, Oct 02, 2002 at 06:25:46AM -0700, Luigi Rizzo wrote:
> On Wed, Oct 02, 2002 at 02:15:42PM +0300, Andrey Simonenko wrote:
> > Hello,
> > 
> > Why is it needed to check both r->rulenum and (void *)r < lim in
> > sbin/ipfw2.c:list() ?
> 
> because the buffer has a limited size (nbytes) and you don't want
> to read past it. However there is a bug in the code below,
> because you should swap the checks (void *)r < lim &&  r->rulenum < 65535
> 
> Whether ipfw1.c has the same bug or not i don't remember, but that
> is irrelevant anyways.

-- 
Barney Wolff
I'm available by contract or FT:  http://www.databus.com/bwresume.pdf

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message