Date: Thu, 17 Apr 2008 09:47:20 +0400 From: "Andrey V. Elsukov" <bu7cher@yandex.ru> To: Julian Elischer <julian@elischer.org> Cc: FreeBSD Net <freebsd-net@freebsd.org>, ipfw@freebsd.org, Luigi Rizzo <rizzo@icir.org> Subject: Re: addition to ipfw table.. Message-ID: <4806E468.5030906@yandex.ru> In-Reply-To: <4806BA59.4030106@elischer.org> References: <4806BA59.4030106@elischer.org>
next in thread | previous in thread | raw e-mail | index | archive | help
[-- Attachment #1 --]
Julian Elischer wrote:
> I do know it won't handle non contiguous masks well but as the
> ipfw ABI code only accepts a network mask length instead of a
> mask, there's not much that can be done.
> I may suggest a later fix for that but it will break the ABI.
>
> comments?
What you think about my patch?
--
WBR, Andrey V. Elsukov
[-- Attachment #2 --]
Index: src/sbin/ipfw/ipfw2.c
===================================================================
RCS file: /ncvs/src/sbin/ipfw/ipfw2.c,v
retrieving revision 1.118
diff -u -p -r1.118 ipfw2.c
--- src/sbin/ipfw/ipfw2.c 27 Feb 2008 13:52:33 -0000 1.118
+++ src/sbin/ipfw/ipfw2.c 17 Apr 2008 05:45:27 -0000
@@ -5833,7 +5833,7 @@ table_handler(int ac, char *av[])
ipfw_table_entry ent;
ipfw_table *tbl;
int do_add;
- char *p;
+ char *p, md;
socklen_t l;
uint32_t a;
@@ -5850,10 +5850,22 @@ table_handler(int ac, char *av[])
ac--; av++;
if (!ac)
errx(EX_USAGE, "IP address required");
- p = strchr(*av, '/');
+ p = strpbrk(*av, "/:");
if (p) {
+ md = *p;
*p++ = '\0';
- ent.masklen = atoi(p);
+ switch (md) {
+ case ':':
+ if (!inet_aton(p, (struct in_addr *)&a))
+ errx(EX_DATAERR, "bad netmask ``%s''", p);
+ ent.masklen = contigmask((uint8_t *)&a, 32);
+ if (ent.masklen > 32)
+ errx(EX_DATAERR,
+ "netmask ``%s'' is not contiguous", p);
+ break;
+ case '/':
+ ent.masklen = atoi(p);
+ }
if (ent.masklen > 32)
errx(EX_DATAERR, "bad width ``%s''", p);
} else
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4806E468.5030906>