From owner-cvs-all@FreeBSD.ORG Mon Sep 15 07:12:32 2003 Return-Path: Delivered-To: cvs-all@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E725716A4BF; Mon, 15 Sep 2003 07:12:32 -0700 (PDT) Received: from xorpc.icir.org (xorpc.icir.org [192.150.187.68]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1854B43FE3; Mon, 15 Sep 2003 07:12:31 -0700 (PDT) (envelope-from rizzo@xorpc.icir.org) Received: from xorpc.icir.org (localhost [127.0.0.1]) by xorpc.icir.org (8.12.8p1/8.12.3) with ESMTP id h8FECUkN079236; Mon, 15 Sep 2003 07:12:30 -0700 (PDT) (envelope-from rizzo@xorpc.icir.org) Received: (from rizzo@localhost) by xorpc.icir.org (8.12.8p1/8.12.3/Submit) id h8FECUYk079235; Mon, 15 Sep 2003 07:12:30 -0700 (PDT) (envelope-from rizzo) Date: Mon, 15 Sep 2003 07:12:30 -0700 From: Luigi Rizzo To: Maxim Konovalov Message-ID: <20030915071230.A79168@xorpc.icir.org> References: <200309151027.h8FAR3Xc012173@repoman.freebsd.org> <20030915172004.M88599@news1.macomnet.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: <20030915172004.M88599@news1.macomnet.ru>; from maxim@FreeBSD.org on Mon, Sep 15, 2003 at 05:34:38PM +0400 cc: cvs-src@FreeBSD.org cc: src-committers@FreeBSD.org cc: cvs-all@FreeBSD.org Subject: Re: cvs commit: src/sbin/ipfw ipfw2.c X-BeenThere: cvs-all@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: CVS commit messages for the entire tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 15 Sep 2003 14:12:33 -0000 On Mon, Sep 15, 2003 at 05:34:38PM +0400, Maxim Konovalov wrote: ... > > MFC (almost) of 3 bugs reported recently: > > + fix aligmnent issues on 64-bit architectures (1.40); > > + better argument checking when enabling/disabling ipfw-related > > sysctl variables (1.39) > > + fix handling of foo/0 as an alias for "any"; > -----^^^^^^^^^^^^^^^^^^^^^^^ > > This bug is not fixed in -current yet. yes i explicitly mentioned that to re@ (and the fact that it was urgent to commit it in RELENG_4 before 4.9) > And a lot others: ok, error handling is terribly weak, i know. Basically, all the cases below are errors -- "any" in an address list makes the entire list useless, "not any" never matches and so should never appear in an ipfw command. feel free to commit fixes to this part. cheers luigi > # ipfw -n add count all from any to not any > 00000 count ip from any to any > > # ipfw -n add count all from not any to any > 00000 count ip from any to any > > # ipfw -n add count all from any to { 1.1.1.1/1 or not any } > 00000 count ip from any to { 0.0.0.0/1 or > > # ipfw -n add count all from any to { 1.1.1.1/1 or any } > 00000 count ip from any to { 0.0.0.0/1 or > > # ipfw -n add count all from any to { 1.1.1.1/1 or 0.0.0.0/0 } > 00000 count ip from any to { 0.0.0.0/1 or > > and so on. > > -- > Maxim Konovalov, maxim@macomnet.ru, maxim@FreeBSD.org