Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 17 Apr 2008 09:47:20 +0400
From:      "Andrey V. Elsukov" <bu7cher@yandex.ru>
To:        Julian Elischer <julian@elischer.org>
Cc:        FreeBSD Net <freebsd-net@freebsd.org>, ipfw@freebsd.org, Luigi Rizzo <rizzo@icir.org>
Subject:   Re: addition to ipfw table..
Message-ID:  <4806E468.5030906@yandex.ru>
In-Reply-To: <4806BA59.4030106@elischer.org>
References:  <4806BA59.4030106@elischer.org>
next in thread | previous in thread | raw e-mail | index | archive | help 
This is a multi-part message in MIME format.
--------------090204050606090409040801
Content-Type: text/plain; charset=KOI8-R; format=flowed
Content-Transfer-Encoding: 7bit

Julian Elischer wrote:
> I do know it won't handle non contiguous masks well but as the
> ipfw ABI code only accepts a network mask length instead of a
> mask, there's not much that can be done.
> I may suggest a later fix for that but it will break the ABI.
> 
> comments?

What you think about my patch?

-- 
WBR, Andrey V. Elsukov

--------------090204050606090409040801
Content-Type: text/plain;
 name="ipfw_table_mask.diff.txt"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline;
 filename="ipfw_table_mask.diff.txt"

Index: src/sbin/ipfw/ipfw2.c
===================================================================
RCS file: /ncvs/src/sbin/ipfw/ipfw2.c,v
retrieving revision 1.118
diff -u -p -r1.118 ipfw2.c
--- src/sbin/ipfw/ipfw2.c	27 Feb 2008 13:52:33 -0000	1.118
+++ src/sbin/ipfw/ipfw2.c	17 Apr 2008 05:45:27 -0000
@@ -5833,7 +5833,7 @@ table_handler(int ac, char *av[])
 	ipfw_table_entry ent;
 	ipfw_table *tbl;
 	int do_add;
-	char *p;
+	char *p, md;
 	socklen_t l;
 	uint32_t a;
 
@@ -5850,10 +5850,22 @@ table_handler(int ac, char *av[])
 		ac--; av++;
 		if (!ac)
 			errx(EX_USAGE, "IP address required");
-		p = strchr(*av, '/');
+		p = strpbrk(*av, "/:");
 		if (p) {
+			md = *p;
 			*p++ = '\0';
-			ent.masklen = atoi(p);
+			switch (md) {
+			case ':':
+				if (!inet_aton(p, (struct in_addr *)&a))
+					errx(EX_DATAERR, "bad netmask ``%s''", p);
+				ent.masklen = contigmask((uint8_t *)&a, 32);
+				if (ent.masklen > 32)
+					errx(EX_DATAERR,
+						"netmask ``%s'' is not contiguous", p);
+				break;
+			case '/':
+				ent.masklen = atoi(p);
+			}
 			if (ent.masklen > 32)
 				errx(EX_DATAERR, "bad width ``%s''", p);
 		} else

--------------090204050606090409040801--

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4806E468.5030906>