Date: Mon, 8 Sep 2003 03:40:20 -0700 (PDT) From: Glen Gibb <grg@ridley.unimelb.edu.au> To: freebsd-doc@FreeBSD.org Subject: Re: docs/56021: Documentation incorrect for mac in ipfw2 Message-ID: <200309081040.h88AeK2B005449@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR docs/56021; it has been noted by GNATS. From: Glen Gibb <grg@ridley.unimelb.edu.au> To: Peter Pentchev <roam@ringlet.net> Cc: bug-followup@freebsd.org, <ipfw@freebsd.org> Subject: Re: docs/56021: Documentation incorrect for mac in ipfw2 Date: Mon, 8 Sep 2003 20:34:44 +1000 (EST) The patch looks ok to me. Don't be surprised if I'm slow to reply for the next week or two - I'm currently travalling. Glen On Fri, 5 Sep 2003, Peter Pentchev wrote: > On Wed, Aug 27, 2003 at 11:07:21AM +1000, Glen Gibb wrote: > > > > >Number: 56021 > > >Category: docs > > >Synopsis: Documentation incorrect for mac in ipfw2 > > >Originator: Glen Gibb > > >Release: FreeBSD 5.1-CURRENT i386 > [snip] > > >Description: > > > > The man page for ipfw (IPFW2) is incomplete/misleading in regards to > > the "mac" option in the RULE OPTIONS section. > > > > The man page states that the address can be "optionally followed by a > > mask indicating how many bits are significant, as in MAC > > 10:20:30:40:50:60/33 any". This IS correct but it does not mention the > > second method of specifying a bit mask, that is by following the > > address with an ampersand (&) followed by the bitmask whcich is > > specified using the same format as the address. For example, if we > > wanted to match any mac address that ended with 60, we could use the > > following mask: > > > > MAC 00:00:00:00:50:60&00:00:00:00:00:ff > > What do you think about the following patch? > > G'luck, > Peter > > -- > Peter Pentchev roam@ringlet.net roam@sbnd.net roam@FreeBSD.org > PGP key: http://people.FreeBSD.org/~roam/roam.key.asc > Key fingerprint FDBA FD79 C26F 3C51 C95E DF9E ED18 B68D 1619 4553 > This sentence was in the past tense. > > Index: src/sbin/ipfw/ipfw.8 > =================================================================== > RCS file: /home/ncvs/src/sbin/ipfw/ipfw.8,v > retrieving revision 1.131 > diff -u -r1.131 ipfw.8 > --- src/sbin/ipfw/ipfw.8 22 Jul 2003 07:41:24 -0000 1.131 > +++ src/sbin/ipfw/ipfw.8 5 Sep 2003 16:12:41 -0000 > @@ -1046,11 +1046,31 @@ > .Cm any > keyword (matching any MAC address), or six groups of hex digits > separated by colons, > -and optionally followed by a mask indicating how many bits are > -significant, as in > +and optionally followed by a mask indicating the significant bits. > +The mask may be specified using either of the following methods: > +.Bl -enum -width indent > +.It > +A slash > +.Pq / > +followed by the number of significant bits. > +For example, an address with 33 significant bits could be specified as: > .Pp > .Dl "MAC 10:20:30:40:50:60/33 any" > .Pp > +.It > +An ampersand > +.Pq & > +followed by a bitmask specified as six groups of hex digits separated > +by colons. > +For example, an address in which the last 16 bits are significant could > +be specified as: > +.Pp > +.Dl "MAC 10:20:30:40:50:60&00:00:00:00:00:ff any" > +.Pp > +Note that the ampersand character has a special meaning in many shells > +and should generally be escaped. > +.Pp > +.El > Note that the order of MAC addresses (destination first, > source second) is > the same as on the wire, but the opposite of the one used for >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200309081040.h88AeK2B005449>