Date: Fri, 8 Jul 2011 13:04:47 +0000 (UTC) From: Gleb Smirnoff <glebius@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-8@freebsd.org Subject: svn commit: r223869 - stable/8/sbin/ipfw Message-ID: <201107081304.p68D4lUx019496@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: glebius Date: Fri Jul 8 13:04:47 2011 New Revision: 223869 URL: http://svn.freebsd.org/changeset/base/223869 Log: Merge from head/ 220802, 220804: Whitespace fixes. Checked with: md5, diff -w Modified: stable/8/sbin/ipfw/altq.c stable/8/sbin/ipfw/dummynet.c stable/8/sbin/ipfw/ipfw2.c stable/8/sbin/ipfw/ipfw2.h stable/8/sbin/ipfw/ipv6.c stable/8/sbin/ipfw/main.c stable/8/sbin/ipfw/nat.c Directory Properties: stable/8/sbin/ipfw/ (props changed) Modified: stable/8/sbin/ipfw/altq.c ============================================================================== --- stable/8/sbin/ipfw/altq.c Fri Jul 8 12:54:10 2011 (r223868) +++ stable/8/sbin/ipfw/altq.c Fri Jul 8 13:04:47 2011 (r223869) @@ -45,7 +45,7 @@ /* * Map between current altq queue id numbers and names. */ -static TAILQ_HEAD(, pf_altq) altq_entries = +static TAILQ_HEAD(, pf_altq) altq_entries = TAILQ_HEAD_INITIALIZER(altq_entries); void @@ -139,13 +139,13 @@ altq_qid_to_name(u_int32_t qid) void print_altq_cmd(ipfw_insn_altq *altqptr) { - if (altqptr) { - const char *qname; + if (altqptr) { + const char *qname; - qname = altq_qid_to_name(altqptr->qid); - if (qname == NULL) - printf(" altq ?<%u>", altqptr->qid); - else - printf(" altq %s", qname); - } + qname = altq_qid_to_name(altqptr->qid); + if (qname == NULL) + printf(" altq ?<%u>", altqptr->qid); + else + printf(" altq %s", qname); + } } Modified: stable/8/sbin/ipfw/dummynet.c ============================================================================== --- stable/8/sbin/ipfw/dummynet.c Fri Jul 8 12:54:10 2011 (r223868) +++ stable/8/sbin/ipfw/dummynet.c Fri Jul 8 13:04:47 2011 (r223869) @@ -275,7 +275,7 @@ flush_buf(char *buf) printf("%s\n", buf); buf[0] = '\0'; } - + /* * generic list routine. We expect objects in a specific order, i.e. * PIPES AND SCHEDULERS: @@ -408,25 +408,25 @@ ipfw_delete_pipe(int do_pipe, int i) * We can model the additional delay with an empirical curve * that represents its distribution. * - * cumulative probability - * 1.0 ^ - * | - * L +-- loss-level x - * | ****** - * | * - * | ***** - * | * - * | ** - * | * - * +-------*-------------------> - * delay + * cumulative probability + * 1.0 ^ + * | + * L +-- loss-level x + * | ****** + * | * + * | ***** + * | * + * | ** + * | * + * +-------*-------------------> + * delay * * The empirical curve may have both vertical and horizontal lines. * Vertical lines represent constant delay for a range of * probabilities; horizontal lines correspond to a discontinuty * in the delay distribution: the link will use the largest delay * for a given probability. - * + * * To pass the curve to dummynet, we must store the parameters * in a file as described below, and issue the command * @@ -439,9 +439,9 @@ ipfw_delete_pipe(int do_pipe, int i) * the number of samples used in the internal * representation (2..1024; default 100); * - * loss-level L + * loss-level L * The probability above which packets are lost. - * (0.0 <= L <= 1.0, default 1.0 i.e. no loss); + * (0.0 <= L <= 1.0, default 1.0 i.e. no loss); * * name identifier * Optional a name (listed by "ipfw pipe show") @@ -462,18 +462,18 @@ ipfw_delete_pipe(int do_pipe, int i) * the curve as needed. * * Example of a profile file: - - name bla_bla_bla - samples 100 - loss-level 0.86 - prob delay - 0 200 # minimum overhead is 200ms - 0.5 200 - 0.5 300 - 0.8 1000 - 0.9 1300 - 1 1300 - + + name bla_bla_bla + samples 100 + loss-level 0.86 + prob delay + 0 200 # minimum overhead is 200ms + 0.5 200 + 0.5 300 + 0.8 1000 + 0.9 1300 + 1 1300 + * Internally, we will convert the curve to a fixed number of * samples, and when it is time to transmit a packet we will * model the extra delay as extra bits in the packet. @@ -603,7 +603,7 @@ load_extra_delays(const char *filename, if (f == NULL) err(EX_UNAVAILABLE, "fopen: %s", filename); - while (fgets(line, ED_MAX_LINE_LEN, f)) { /* read commands */ + while (fgets(line, ED_MAX_LINE_LEN, f)) { /* read commands */ char *s, *cur = line, *name = NULL, *arg = NULL; ++lineno; @@ -730,7 +730,7 @@ load_extra_delays(const char *filename, /* * configuration of pipes, schedulers, flowsets. * When we configure a new scheduler, an empty pipe is created, so: - * + * * do_pipe = 1 -> "pipe N config ..." only for backward compatibility * sched N+Delta type fifo sched_mask ... * pipe N+Delta <parameters> @@ -945,7 +945,7 @@ ipfw_config_pipe(int ac, char **av) mask->addr_type = 6; pa6 = &mask->dst_ip6; break; - + case TOK_SRCIP6: mask->addr_type = 6; pa6 = &mask->src_ip6; Modified: stable/8/sbin/ipfw/ipfw2.c ============================================================================== --- stable/8/sbin/ipfw/ipfw2.c Fri Jul 8 12:54:10 2011 (r223868) +++ stable/8/sbin/ipfw/ipfw2.c Fri Jul 8 13:04:47 2011 (r223869) @@ -210,7 +210,7 @@ static struct _s_x rule_actions[] = { { "unreach", TOK_UNREACH }, { "check-state", TOK_CHECKSTATE }, { "//", TOK_COMMENT }, - { "nat", TOK_NAT }, + { "nat", TOK_NAT }, { "reass", TOK_REASS }, { "setfib", TOK_SETFIB }, { NULL, 0 } /* terminator */ @@ -314,7 +314,7 @@ static struct _s_x rule_options[] = { { NULL, 0 } /* terminator */ }; -/* +/* * The following is used to generate a printable argument for * 64-bit numbers, irrespective of platform alignment and bit size. * Because all the printf in this program use %llu as a format, @@ -372,8 +372,8 @@ do_cmd(int optname, void *optval, uintpt if (optname == IP_FW_GET || optname == IP_DUMMYNET_GET || optname == IP_FW_ADD || optname == IP_FW_TABLE_LIST || - optname == IP_FW_TABLE_GETSIZE || - optname == IP_FW_NAT_GET_CONFIG || + optname == IP_FW_TABLE_GETSIZE || + optname == IP_FW_NAT_GET_CONFIG || optname < 0 || optname == IP_FW_NAT_GET_LOG) { if (optname < 0) @@ -427,7 +427,7 @@ match_value(struct _s_x *p, int value) int _substrcmp(const char *str1, const char* str2) { - + if (strncmp(str1, str2, strlen(str1)) != 0) return 1; @@ -455,7 +455,7 @@ _substrcmp(const char *str1, const char* int _substrcmp2(const char *str1, const char* str2, const char* str3) { - + if (strncmp(str1, str2, strlen(str2)) != 0) return 1; @@ -1019,7 +1019,7 @@ show_ipfw(struct ip_fw *rule, int pcwidt /* * first print actions */ - for (l = rule->cmd_len - rule->act_ofs, cmd = ACTION_PTR(rule); + for (l = rule->cmd_len - rule->act_ofs, cmd = ACTION_PTR(rule); l > 0 ; l -= F_LEN(cmd), cmd += F_LEN(cmd)) { switch(cmd->opcode) { case O_CHECK_STATE: @@ -1114,7 +1114,7 @@ show_ipfw(struct ip_fw *rule, int pcwidt case O_NAT: PRINT_UINT_ARG("nat ", cmd->arg1); break; - + case O_SETFIB: PRINT_UINT_ARG("setfib ", cmd->arg1); break; @@ -1122,7 +1122,7 @@ show_ipfw(struct ip_fw *rule, int pcwidt case O_REASS: printf("reass"); break; - + default: printf("** unrecognized action %d len %d ", cmd->opcode, cmd->len); @@ -1149,7 +1149,7 @@ show_ipfw(struct ip_fw *rule, int pcwidt /* * then print the body. */ - for (l = rule->act_ofs, cmd = rule->cmd ; + for (l = rule->act_ofs, cmd = rule->cmd ; l > 0 ; l -= F_LEN(cmd) , cmd += F_LEN(cmd)) { if ((cmd->len & F_OR) || (cmd->len & F_NOT)) continue; @@ -1159,7 +1159,7 @@ show_ipfw(struct ip_fw *rule, int pcwidt } else if (cmd->opcode == O_IP6) { flags |= HAVE_PROTO6; break; - } + } } if (rule->_pad & 1) { /* empty rules before options */ if (!co.do_compact) { @@ -1173,7 +1173,7 @@ show_ipfw(struct ip_fw *rule, int pcwidt if (co.comment_only) comment = "..."; - for (l = rule->act_ofs, cmd = rule->cmd ; + for (l = rule->act_ofs, cmd = rule->cmd ; l > 0 ; l -= F_LEN(cmd) , cmd += F_LEN(cmd)) { /* useful alias */ ipfw_insn_u32 *cmd32 = (ipfw_insn_u32 *)cmd; @@ -1557,7 +1557,7 @@ show_ipfw(struct ip_fw *rule, int pcwidt } } show_prerequisites(&flags, HAVE_PROTO | HAVE_SRCIP | HAVE_DSTIP - | HAVE_IP, 0); + | HAVE_IP, 0); if (comment) printf(" // %s", comment); printf("\n"); @@ -1611,7 +1611,7 @@ show_dyn_ipfw(ipfw_dyn_rule *d, int pcwi sizeof(buf)), d->id.dst_port); } else printf(" UNKNOWN <-> UNKNOWN\n"); - + printf("\n"); } @@ -2188,7 +2188,6 @@ n2mask(struct in6_addr *mask, int n) } return; } - /* * helper function to process a set of flags and set bits in the @@ -2219,9 +2218,9 @@ fill_flags(ipfw_insn *cmd, enum ipfw_opc *which |= (uint8_t)val; p = q; } - cmd->opcode = opcode; - cmd->len = (cmd->len & (F_NOT | F_OR)) | 1; - cmd->arg1 = (set & 0xff) | ( (clear & 0xff) << 8); + cmd->opcode = opcode; + cmd->len = (cmd->len & (F_NOT | F_OR)) | 1; + cmd->arg1 = (set & 0xff) | ( (clear & 0xff) << 8); } @@ -2279,7 +2278,7 @@ ipfw_delete(char *av[]) * fill the interface structure. We do not check the name as we can * create interfaces dynamically, so checking them at insert time * makes relatively little sense. - * Interface names containing '*', '?', or '[' are assumed to be shell + * Interface names containing '*', '?', or '[' are assumed to be shell * patterns which match interfaces. */ static void @@ -2753,7 +2752,7 @@ ipfw_add(char *av[]) goto chkarg; case TOK_TEE: action->opcode = O_TEE; -chkarg: +chkarg: if (!av[0]) errx(EX_USAGE, "missing argument for %s", *(av - 1)); if (isdigit(**av)) { @@ -2807,7 +2806,7 @@ chkarg: "illegal forwarding port ``%s''", s); p->sa.sin_port = (u_short)i; } - if (_substrcmp(*av, "tablearg") == 0) + if (_substrcmp(*av, "tablearg") == 0) p->sa.sin_addr.s_addr = INADDR_ANY; else lookup_host(*av, &(p->sa.sin_addr)); @@ -2826,25 +2825,25 @@ chkarg: size_t intsize = sizeof(int); action->opcode = O_SETFIB; - NEED1("missing fib number"); + NEED1("missing fib number"); if (_substrcmp(*av, "tablearg") == 0) { action->arg1 = IP_FW_TABLEARG; } else { - action->arg1 = strtoul(*av, NULL, 10); + action->arg1 = strtoul(*av, NULL, 10); if (sysctlbyname("net.fibs", &numfibs, &intsize, NULL, 0) == -1) errx(EX_DATAERR, "fibs not suported.\n"); if (action->arg1 >= numfibs) /* Temporary */ errx(EX_DATAERR, "fib too large.\n"); } - av++; - break; + av++; + break; } case TOK_REASS: action->opcode = O_REASS; break; - + default: errx(EX_DATAERR, "invalid action %s\n", av[-1]); } @@ -3139,7 +3138,7 @@ read_options: errx(EX_USAGE, "+missing \")\"\n"); open_par = 0; prev = NULL; - break; + break; case TOK_IN: fill_cmd(cmd, O_IN, 0, 0); @@ -3192,7 +3191,7 @@ read_options: fill_icmptypes((ipfw_insn_u32 *)cmd, *av); av++; break; - + case TOK_ICMP6TYPES: NEED1("icmptypes requires list of types"); fill_icmp6types((ipfw_insn_icmp6 *)cmd, *av); @@ -3428,7 +3427,7 @@ read_options: av++; } break; - + case TOK_DSTIP6: NEED1("missing destination IP6"); if (add_dstip6(cmd, *av)) { @@ -3821,10 +3820,10 @@ ipfw_table_handler(int ac, char *av[]) if (strchr(*av, (int)'.') == NULL && isdigit(**av)) { ent.value = strtoul(*av, NULL, 0); } else { - if (lookup_host(*av, (struct in_addr *)&tval) == 0) { + if (lookup_host(*av, (struct in_addr *)&tval) == 0) { /* The value must be stored in host order * * so that the values < 65k can be distinguished */ - ent.value = ntohl(tval); + ent.value = ntohl(tval); } else { errx(EX_NOHOST, "hostname ``%s'' unknown", *av); } @@ -3843,7 +3842,7 @@ ipfw_table_handler(int ac, char *av[]) if (do_cmd(IP_FW_TABLE_ADD, &ent, sizeof(ent)) < 0) err(EX_OSERR, - "setsockopt(IP_FW_TABLE_ADD)"); + "setsockopt(IP_FW_TABLE_ADD)"); } } } else if (_substrcmp(*av, "flush") == 0) { Modified: stable/8/sbin/ipfw/ipfw2.h ============================================================================== --- stable/8/sbin/ipfw/ipfw2.h Fri Jul 8 12:54:10 2011 (r223868) +++ stable/8/sbin/ipfw/ipfw2.h Fri Jul 8 13:04:47 2011 (r223869) @@ -183,7 +183,7 @@ enum tokens { TOK_PROXY_ONLY, TOK_REDIR_ADDR, TOK_REDIR_PORT, - TOK_REDIR_PROTO, + TOK_REDIR_PROTO, TOK_IPV6, TOK_FLOWID, Modified: stable/8/sbin/ipfw/ipv6.c ============================================================================== --- stable/8/sbin/ipfw/ipv6.c Fri Jul 8 12:54:10 2011 (r223868) +++ stable/8/sbin/ipfw/ipv6.c Fri Jul 8 13:04:47 2011 (r223869) @@ -76,7 +76,7 @@ print_unreach6_code(uint16_t code) printf("unreach6 %u", code); } -/* +/* * Print the ip address contained in a command. */ void @@ -90,43 +90,43 @@ print_ip6(ipfw_insn_ip6 *cmd, char const printf("%s%s ", cmd->o.len & F_NOT ? " not": "", s); if (cmd->o.opcode == O_IP6_SRC_ME || cmd->o.opcode == O_IP6_DST_ME) { - printf("me6"); - return; + printf("me6"); + return; } if (cmd->o.opcode == O_IP6) { - printf(" ip6"); - return; + printf(" ip6"); + return; } /* - * len == 4 indicates a single IP, whereas lists of 1 or more - * addr/mask pairs have len = (2n+1). We convert len to n so we - * use that to count the number of entries. - */ + * len == 4 indicates a single IP, whereas lists of 1 or more + * addr/mask pairs have len = (2n+1). We convert len to n so we + * use that to count the number of entries. + */ for (len = len / 4; len > 0; len -= 2, a += 2) { - int mb = /* mask length */ - (cmd->o.opcode == O_IP6_SRC || cmd->o.opcode == O_IP6_DST) ? - 128 : contigmask((uint8_t *)&(a[1]), 128); - - if (mb == 128 && co.do_resolv) - he = gethostbyaddr((char *)a, sizeof(*a), AF_INET6); - if (he != NULL) /* resolved to name */ - printf("%s", he->h_name); - else if (mb == 0) /* any */ - printf("any"); - else { /* numeric IP followed by some kind of mask */ - if (inet_ntop(AF_INET6, a, trad, sizeof( trad ) ) == NULL) - printf("Error ntop in print_ip6\n"); - printf("%s", trad ); - if (mb < 0) /* XXX not really legal... */ - printf(":%s", - inet_ntop(AF_INET6, &a[1], trad, sizeof(trad))); - else if (mb < 128) - printf("/%d", mb); - } - if (len > 2) - printf(","); + int mb = /* mask length */ + (cmd->o.opcode == O_IP6_SRC || cmd->o.opcode == O_IP6_DST) ? + 128 : contigmask((uint8_t *)&(a[1]), 128); + + if (mb == 128 && co.do_resolv) + he = gethostbyaddr((char *)a, sizeof(*a), AF_INET6); + if (he != NULL) /* resolved to name */ + printf("%s", he->h_name); + else if (mb == 0) /* any */ + printf("any"); + else { /* numeric IP followed by some kind of mask */ + if (inet_ntop(AF_INET6, a, trad, sizeof( trad ) ) == NULL) + printf("Error ntop in print_ip6\n"); + printf("%s", trad ); + if (mb < 0) /* XXX not really legal... */ + printf(":%s", + inet_ntop(AF_INET6, &a[1], trad, sizeof(trad))); + else if (mb < 128) + printf("/%d", mb); + } + if (len > 2) + printf(","); } } @@ -137,20 +137,20 @@ fill_icmp6types(ipfw_insn_icmp6 *cmd, ch bzero(cmd, sizeof(*cmd)); while (*av) { - if (*av == ',') - av++; - type = strtoul(av, &av, 0); - if (*av != ',' && *av != '\0') - errx(EX_DATAERR, "invalid ICMP6 type"); + if (*av == ',') + av++; + type = strtoul(av, &av, 0); + if (*av != ',' && *av != '\0') + errx(EX_DATAERR, "invalid ICMP6 type"); /* * XXX: shouldn't this be 0xFF? I can't see any reason why * we shouldn't be able to filter all possiable values * regardless of the ability of the rest of the kernel to do * anything useful with them. */ - if (type > ICMP6_MAXTYPE) - errx(EX_DATAERR, "ICMP6 type out of range"); - cmd->d[type / 32] |= ( 1 << (type % 32)); + if (type > ICMP6_MAXTYPE) + errx(EX_DATAERR, "ICMP6 type out of range"); + cmd->d[type / 32] |= ( 1 << (type % 32)); } cmd->o.opcode = O_ICMP6TYPE; cmd->o.len |= F_INSN_SIZE(ipfw_insn_icmp6); @@ -165,12 +165,12 @@ print_icmp6types(ipfw_insn_u32 *cmd) printf(" ip6 icmp6types"); for (i = 0; i < 7; i++) - for (j=0; j < 32; ++j) { - if ( (cmd->d[i] & (1 << (j))) == 0) - continue; - printf("%c%d", sep, (i*32 + j)); - sep = ','; - } + for (j=0; j < 32; ++j) { + if ( (cmd->d[i] & (1 << (j))) == 0) + continue; + printf("%c%d", sep, (i*32 + j)); + sep = ','; + } } void @@ -181,9 +181,9 @@ print_flow6id( ipfw_insn_u32 *cmd) printf(" flow-id "); for( i=0; i < limit; ++i) { - if (i == limit - 1) - sep = ' '; - printf("%d%c", cmd->d[i], sep); + if (i == limit - 1) + sep = ' '; + printf("%d%c", cmd->d[i], sep); } } @@ -193,11 +193,11 @@ static struct _s_x ext6hdrcodes[] = { { "hopopt", EXT_HOPOPTS }, { "route", EXT_ROUTING }, { "dstopt", EXT_DSTOPTS }, - { "ah", EXT_AH }, - { "esp", EXT_ESP }, + { "ah", EXT_AH }, + { "esp", EXT_ESP }, { "rthdr0", EXT_RTHDR0 }, { "rthdr2", EXT_RTHDR2 }, - { NULL, 0 } + { NULL, 0 } }; /* fills command for the extension header filtering */ @@ -210,48 +210,48 @@ fill_ext6hdr( ipfw_insn *cmd, char *av) cmd->arg1 = 0; while(s) { - av = strsep( &s, ",") ; - tok = match_token(ext6hdrcodes, av); - switch (tok) { - case EXT_FRAGMENT: - cmd->arg1 |= EXT_FRAGMENT; - break; - - case EXT_HOPOPTS: - cmd->arg1 |= EXT_HOPOPTS; - break; - - case EXT_ROUTING: - cmd->arg1 |= EXT_ROUTING; - break; - - case EXT_DSTOPTS: - cmd->arg1 |= EXT_DSTOPTS; - break; - - case EXT_AH: - cmd->arg1 |= EXT_AH; - break; - - case EXT_ESP: - cmd->arg1 |= EXT_ESP; - break; - - case EXT_RTHDR0: - cmd->arg1 |= EXT_RTHDR0; - break; - - case EXT_RTHDR2: - cmd->arg1 |= EXT_RTHDR2; - break; - - default: - errx( EX_DATAERR, "invalid option for ipv6 exten header" ); - break; - } + av = strsep( &s, ",") ; + tok = match_token(ext6hdrcodes, av); + switch (tok) { + case EXT_FRAGMENT: + cmd->arg1 |= EXT_FRAGMENT; + break; + + case EXT_HOPOPTS: + cmd->arg1 |= EXT_HOPOPTS; + break; + + case EXT_ROUTING: + cmd->arg1 |= EXT_ROUTING; + break; + + case EXT_DSTOPTS: + cmd->arg1 |= EXT_DSTOPTS; + break; + + case EXT_AH: + cmd->arg1 |= EXT_AH; + break; + + case EXT_ESP: + cmd->arg1 |= EXT_ESP; + break; + + case EXT_RTHDR0: + cmd->arg1 |= EXT_RTHDR0; + break; + + case EXT_RTHDR2: + cmd->arg1 |= EXT_RTHDR2; + break; + + default: + errx( EX_DATAERR, "invalid option for ipv6 exten header" ); + break; + } } if (cmd->arg1 == 0 ) - return 0; + return 0; cmd->opcode = O_EXT_HDR; cmd->len |= F_INSN_SIZE( ipfw_insn ); return 1; @@ -264,35 +264,35 @@ print_ext6hdr( ipfw_insn *cmd ) printf(" extension header:"); if (cmd->arg1 & EXT_FRAGMENT ) { - printf("%cfragmentation", sep); - sep = ','; + printf("%cfragmentation", sep); + sep = ','; } if (cmd->arg1 & EXT_HOPOPTS ) { - printf("%chop options", sep); - sep = ','; + printf("%chop options", sep); + sep = ','; } if (cmd->arg1 & EXT_ROUTING ) { - printf("%crouting options", sep); - sep = ','; + printf("%crouting options", sep); + sep = ','; } if (cmd->arg1 & EXT_RTHDR0 ) { - printf("%crthdr0", sep); - sep = ','; + printf("%crthdr0", sep); + sep = ','; } if (cmd->arg1 & EXT_RTHDR2 ) { - printf("%crthdr2", sep); - sep = ','; + printf("%crthdr2", sep); + sep = ','; } if (cmd->arg1 & EXT_DSTOPTS ) { - printf("%cdestination options", sep); - sep = ','; + printf("%cdestination options", sep); + sep = ','; } if (cmd->arg1 & EXT_AH ) { - printf("%cauthentication header", sep); - sep = ','; + printf("%cauthentication header", sep); + sep = ','; } if (cmd->arg1 & EXT_ESP ) { - printf("%cencapsulated security payload", sep); + printf("%cencapsulated security payload", sep); } } @@ -318,9 +318,9 @@ lookup_host6 (char *host, struct in6_add * any matches any IP6. Actually returns an empty instruction. * me returns O_IP6_*_ME * - * 03f1::234:123:0342 single IP6 addres - * 03f1::234:123:0342/24 address/mask - * 03f1::234:123:0342/24,03f1::234:123:0343/ List of address + * 03f1::234:123:0342 single IP6 addres + * 03f1::234:123:0342/24 address/mask + * 03f1::234:123:0342/24,03f1::234:123:0343/ List of address * * Set of address (as in ipv6) not supported because ipv6 address * are typically random past the initial prefix. Modified: stable/8/sbin/ipfw/main.c ============================================================================== --- stable/8/sbin/ipfw/main.c Fri Jul 8 12:54:10 2011 (r223868) +++ stable/8/sbin/ipfw/main.c Fri Jul 8 13:04:47 2011 (r223869) @@ -358,7 +358,7 @@ ipfw_main(int oldac, char **oldav) co.do_pipe = 0; co.use_set = 0; if (!strncmp(*av, "nat", strlen(*av))) - co.do_nat = 1; + co.do_nat = 1; else if (!strncmp(*av, "pipe", strlen(*av))) co.do_pipe = 1; else if (_substrcmp(*av, "queue") == 0) @@ -427,7 +427,7 @@ ipfw_main(int oldac, char **oldav) else if (_substrcmp(*av, "resetlog") == 0) ipfw_zero(ac, av, 1 /* IP_FW_RESETLOG */); else if (_substrcmp(*av, "print") == 0 || - _substrcmp(*av, "list") == 0) + _substrcmp(*av, "list") == 0) ipfw_list(ac, av, do_acct); else if (_substrcmp(*av, "show") == 0) ipfw_list(ac, av, 1 /* show counters */); @@ -592,7 +592,7 @@ main(int ac, char *av[]) ret = WSAStartup(wVersionRequested, &wsaData); if (ret != 0) { /* Tell the user that we could not find a usable */ - /* Winsock DLL. */ + /* Winsock DLL. */ printf("WSAStartup failed with error: %d\n", ret); return 1; } Modified: stable/8/sbin/ipfw/nat.c ============================================================================== --- stable/8/sbin/ipfw/nat.c Fri Jul 8 12:54:10 2011 (r223868) +++ stable/8/sbin/ipfw/nat.c Fri Jul 8 13:04:47 2011 (r223869) @@ -47,15 +47,15 @@ #include <alias.h> static struct _s_x nat_params[] = { - { "ip", TOK_IP }, - { "if", TOK_IF }, - { "log", TOK_ALOG }, - { "deny_in", TOK_DENY_INC }, - { "same_ports", TOK_SAME_PORTS }, - { "unreg_only", TOK_UNREG_ONLY }, - { "reset", TOK_RESET_ADDR }, - { "reverse", TOK_ALIAS_REV }, - { "proxy_only", TOK_PROXY_ONLY }, + { "ip", TOK_IP }, + { "if", TOK_IF }, + { "log", TOK_ALOG }, + { "deny_in", TOK_DENY_INC }, + { "same_ports", TOK_SAME_PORTS }, + { "unreg_only", TOK_UNREG_ONLY }, + { "reset", TOK_RESET_ADDR }, + { "reverse", TOK_ALIAS_REV }, + { "proxy_only", TOK_PROXY_ONLY }, { "redirect_addr", TOK_REDIR_ADDR }, { "redirect_port", TOK_REDIR_PORT }, { "redirect_proto", TOK_REDIR_PROTO }, @@ -63,10 +63,10 @@ static struct _s_x nat_params[] = { }; -/* +/* * Search for interface with name "ifn", and fill n accordingly: * - * n->ip ip address of interface "ifn" + * n->ip ip address of interface "ifn" * n->if_name copy of interface name "ifn" */ static void @@ -84,9 +84,9 @@ set_addr_dynamic(const char *ifn, struct mib[0] = CTL_NET; mib[1] = PF_ROUTE; mib[2] = 0; - mib[3] = AF_INET; + mib[3] = AF_INET; mib[4] = NET_RT_IFLIST; - mib[5] = 0; + mib[5] = 0; /* * Get interface data. */ @@ -163,25 +163,25 @@ set_addr_dynamic(const char *ifn, struct free(buf); } -/* +/* * XXX - The following functions, macros and definitions come from natd.c: - * it would be better to move them outside natd.c, in a file - * (redirect_support.[ch]?) shared by ipfw and natd, but for now i can live + * it would be better to move them outside natd.c, in a file + * (redirect_support.[ch]?) shared by ipfw and natd, but for now i can live * with it. */ /* * Definition of a port range, and macros to deal with values. * FORMAT: HI 16-bits == first port in range, 0 == all ports. - * LO 16-bits == number of ports in range + * LO 16-bits == number of ports in range * NOTES: - Port values are not stored in network byte order. */ #define port_range u_long -#define GETLOPORT(x) ((x) >> 0x10) -#define GETNUMPORTS(x) ((x) & 0x0000ffff) -#define GETHIPORT(x) (GETLOPORT((x)) + GETNUMPORTS((x))) +#define GETLOPORT(x) ((x) >> 0x10) +#define GETNUMPORTS(x) ((x) & 0x0000ffff) +#define GETHIPORT(x) (GETLOPORT((x)) + GETNUMPORTS((x))) /* Set y to be the low-port value in port_range variable x. */ #define SETLOPORT(x,y) ((x) = ((x) & 0x0000ffff) | ((y) << 0x10)) @@ -189,7 +189,7 @@ set_addr_dynamic(const char *ifn, struct /* Set y to be the number of ports in port_range variable x. */ #define SETNUMPORTS(x,y) ((x) = ((x) & 0xffff0000) | (y)) -static void +static void StrToAddr (const char* str, struct in_addr* addr) { struct hostent* hp; @@ -204,30 +204,30 @@ StrToAddr (const char* str, struct in_ad memcpy (addr, hp->h_addr, sizeof (struct in_addr)); } -static int +static int StrToPortRange (const char* str, const char* proto, port_range *portRange) { - char* sep; + char* sep; struct servent* sp; char* end; - u_short loPort; - u_short hiPort; - + u_short loPort; + u_short hiPort; + /* First see if this is a service, return corresponding port if so. */ sp = getservbyname (str,proto); if (sp) { - SETLOPORT(*portRange, ntohs(sp->s_port)); + SETLOPORT(*portRange, ntohs(sp->s_port)); SETNUMPORTS(*portRange, 1); return 0; } - + /* Not a service, see if it's a single port or port range. */ sep = strchr (str, '-'); if (sep == NULL) { - SETLOPORT(*portRange, strtol(str, &end, 10)); + SETLOPORT(*portRange, strtol(str, &end, 10)); if (end != str) { - /* Single port. */ - SETNUMPORTS(*portRange, 1); + /* Single port. */ + SETNUMPORTS(*portRange, 1); return 0; } @@ -240,15 +240,15 @@ StrToPortRange (const char* str, const c SETLOPORT(*portRange, loPort); SETNUMPORTS(*portRange, 0); /* Error by default */ if (loPort <= hiPort) - SETNUMPORTS(*portRange, hiPort - loPort + 1); + SETNUMPORTS(*portRange, hiPort - loPort + 1); if (GETNUMPORTS(*portRange) == 0) - errx (EX_DATAERR, "invalid port range %s", str); + errx (EX_DATAERR, "invalid port range %s", str); return 0; } -static int +static int StrToProto (const char* str) { if (!strcmp (str, "tcp")) @@ -262,9 +262,9 @@ StrToProto (const char* str) errx (EX_DATAERR, "unknown protocol %s. Expected sctp, tcp or udp", str); } -static int -StrToAddrAndPortRange (const char* str, struct in_addr* addr, char* proto, - port_range *portRange) +static int +StrToAddrAndPortRange (const char* str, struct in_addr* addr, char* proto, + port_range *portRange) { char* ptr; @@ -281,53 +281,52 @@ StrToAddrAndPortRange (const char* str, /* End of stuff taken from natd.c. */ -#define INC_ARGCV() do { \ - (*_av)++; \ - (*_ac)--; \ - av = *_av; \ - ac = *_ac; \ +#define INC_ARGCV() do { \ + (*_av)++; \ + (*_ac)--; \ + av = *_av; \ + ac = *_ac; \ } while(0) -/* - * The next 3 functions add support for the addr, port and proto redirect and - * their logic is loosely based on SetupAddressRedirect(), SetupPortRedirect() +/* + * The next 3 functions add support for the addr, port and proto redirect and + * their logic is loosely based on SetupAddressRedirect(), SetupPortRedirect() * and SetupProtoRedirect() from natd.c. * - * Every setup_* function fills at least one redirect entry - * (struct cfg_redir) and zero or more server pool entry (struct cfg_spool) + * Every setup_* function fills at least one redirect entry + * (struct cfg_redir) and zero or more server pool entry (struct cfg_spool) * in buf. - * + * * The format of data in buf is: - * * - * cfg_nat cfg_redir cfg_spool ...... cfg_spool + * cfg_nat cfg_redir cfg_spool ...... cfg_spool * * ------------------------------------- ------------ * | | .....X ... | | | | ..... * ------------------------------------- ...... ------------ - * ^ + * ^ * spool_cnt n=0 ...... n=(X-1) * * len points to the amount of available space in buf * space counts the memory consumed by every function * - * XXX - Every function get all the argv params so it + * XXX - Every function get all the argv params so it * has to check, in optional parameters, that the next - * args is a valid option for the redir entry and not - * another token. Only redir_port and redir_proto are + * args is a valid option for the redir entry and not + * another token. Only redir_port and redir_proto are * affected by this. */ static int setup_redir_addr(char *spool_buf, unsigned int len, - int *_ac, char ***_av) + int *_ac, char ***_av) { char **av, *sep; /* Token separator. */ /* Temporary buffer used to hold server pool ip's. */ - char tmp_spool_buf[NAT_BUF_LEN]; + char tmp_spool_buf[NAT_BUF_LEN]; int ac, space, lsnat; - struct cfg_redir *r; - struct cfg_spool *tmp; + struct cfg_redir *r; + struct cfg_spool *tmp; av = *_av; ac = *_ac; @@ -339,11 +338,11 @@ setup_redir_addr(char *spool_buf, unsign spool_buf = &spool_buf[SOF_REDIR]; space = SOF_REDIR; *** DIFF OUTPUT TRUNCATED AT 1000 LINES ***
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201107081304.p68D4lUx019496>