From owner-freebsd-doc@FreeBSD.ORG Mon Sep 8 03:40:21 2003 Return-Path: Delivered-To: freebsd-doc@hub.freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6ED5516A4BF for ; Mon, 8 Sep 2003 03:40:21 -0700 (PDT) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id DD29C43F93 for ; Mon, 8 Sep 2003 03:40:20 -0700 (PDT) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.12.9/8.12.9) with ESMTP id h88AeKUp005450 for ; Mon, 8 Sep 2003 03:40:20 -0700 (PDT) (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.12.9/8.12.9/Submit) id h88AeK2B005449; Mon, 8 Sep 2003 03:40:20 -0700 (PDT) Date: Mon, 8 Sep 2003 03:40:20 -0700 (PDT) Message-Id: <200309081040.h88AeK2B005449@freefall.freebsd.org> To: freebsd-doc@FreeBSD.org From: Glen Gibb Subject: Re: docs/56021: Documentation incorrect for mac in ipfw2 X-BeenThere: freebsd-doc@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: Glen Gibb List-Id: Documentation project List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 08 Sep 2003 10:40:21 -0000 The following reply was made to PR docs/56021; it has been noted by GNATS. From: Glen Gibb To: Peter Pentchev Cc: bug-followup@freebsd.org, Subject: Re: docs/56021: Documentation incorrect for mac in ipfw2 Date: Mon, 8 Sep 2003 20:34:44 +1000 (EST) The patch looks ok to me. Don't be surprised if I'm slow to reply for the next week or two - I'm currently travalling. Glen On Fri, 5 Sep 2003, Peter Pentchev wrote: > On Wed, Aug 27, 2003 at 11:07:21AM +1000, Glen Gibb wrote: > > > > >Number: 56021 > > >Category: docs > > >Synopsis: Documentation incorrect for mac in ipfw2 > > >Originator: Glen Gibb > > >Release: FreeBSD 5.1-CURRENT i386 > [snip] > > >Description: > > > > The man page for ipfw (IPFW2) is incomplete/misleading in regards to > > the "mac" option in the RULE OPTIONS section. > > > > The man page states that the address can be "optionally followed by a > > mask indicating how many bits are significant, as in MAC > > 10:20:30:40:50:60/33 any". This IS correct but it does not mention the > > second method of specifying a bit mask, that is by following the > > address with an ampersand (&) followed by the bitmask whcich is > > specified using the same format as the address. For example, if we > > wanted to match any mac address that ended with 60, we could use the > > following mask: > > > > MAC 00:00:00:00:50:60&00:00:00:00:00:ff > > What do you think about the following patch? > > G'luck, > Peter > > -- > Peter Pentchev roam@ringlet.net roam@sbnd.net roam@FreeBSD.org > PGP key: http://people.FreeBSD.org/~roam/roam.key.asc > Key fingerprint FDBA FD79 C26F 3C51 C95E DF9E ED18 B68D 1619 4553 > This sentence was in the past tense. > > Index: src/sbin/ipfw/ipfw.8 > =================================================================== > RCS file: /home/ncvs/src/sbin/ipfw/ipfw.8,v > retrieving revision 1.131 > diff -u -r1.131 ipfw.8 > --- src/sbin/ipfw/ipfw.8 22 Jul 2003 07:41:24 -0000 1.131 > +++ src/sbin/ipfw/ipfw.8 5 Sep 2003 16:12:41 -0000 > @@ -1046,11 +1046,31 @@ > .Cm any > keyword (matching any MAC address), or six groups of hex digits > separated by colons, > -and optionally followed by a mask indicating how many bits are > -significant, as in > +and optionally followed by a mask indicating the significant bits. > +The mask may be specified using either of the following methods: > +.Bl -enum -width indent > +.It > +A slash > +.Pq / > +followed by the number of significant bits. > +For example, an address with 33 significant bits could be specified as: > .Pp > .Dl "MAC 10:20:30:40:50:60/33 any" > .Pp > +.It > +An ampersand > +.Pq & > +followed by a bitmask specified as six groups of hex digits separated > +by colons. > +For example, an address in which the last 16 bits are significant could > +be specified as: > +.Pp > +.Dl "MAC 10:20:30:40:50:60&00:00:00:00:00:ff any" > +.Pp > +Note that the ampersand character has a special meaning in many shells > +and should generally be escaped. > +.Pp > +.El > Note that the order of MAC addresses (destination first, > source second) is > the same as on the wire, but the opposite of the one used for >