From owner-svn-src-projects@FreeBSD.ORG Fri Feb 3 13:54:26 2012 Return-Path: Delivered-To: svn-src-projects@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 0BE9B106566B; Fri, 3 Feb 2012 13:54:26 +0000 (UTC) (envelope-from bz@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id D07788FC12; Fri, 3 Feb 2012 13:54:25 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.4/8.14.4) with ESMTP id q13DsPC1090063; Fri, 3 Feb 2012 13:54:25 GMT (envelope-from bz@svn.freebsd.org) Received: (from bz@localhost) by svn.freebsd.org (8.14.4/8.14.4/Submit) id q13DsP0M090061; Fri, 3 Feb 2012 13:54:25 GMT (envelope-from bz@svn.freebsd.org) Message-Id: <201202031354.q13DsP0M090061@svn.freebsd.org> From: "Bjoern A. Zeeb" Date: Fri, 3 Feb 2012 13:54:25 +0000 (UTC) To: src-committers@freebsd.org, svn-src-projects@freebsd.org X-SVN-Group: projects MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r230946 - projects/multi-fibv6/head/contrib/pf/pfctl X-BeenThere: svn-src-projects@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "SVN commit messages for the src " projects" tree" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 03 Feb 2012 13:54:26 -0000 Author: bz Date: Fri Feb 3 13:54:25 2012 New Revision: 230946 URL: http://svn.freebsd.org/changeset/base/230946 Log: Fix the upper limit bounds checking for the "rtables" keyword wrapping it in a function to dynamically query the currently supported number of FIBs by the kernel for FreeBSD. Sponsored by: Cisco Systems, Inc. Modified: projects/multi-fibv6/head/contrib/pf/pfctl/parse.y Modified: projects/multi-fibv6/head/contrib/pf/pfctl/parse.y ============================================================================== --- projects/multi-fibv6/head/contrib/pf/pfctl/parse.y Fri Feb 3 13:40:51 2012 (r230945) +++ projects/multi-fibv6/head/contrib/pf/pfctl/parse.y Fri Feb 3 13:54:25 2012 (r230946) @@ -33,6 +33,9 @@ __FBSDID("$FreeBSD$"); #include #include #include +#ifdef __FreeBSD__ +#include +#endif #include #include #include @@ -335,6 +338,7 @@ int expand_skip_interface(struct node_ int check_rulestate(int); int getservice(char *); int rule_label(struct pf_rule *, char *); +int rt_tableid_max(void); void mv_rules(struct pf_ruleset *, struct pf_ruleset *); void decide_address_family(struct node_host *, sa_family_t *); @@ -1174,7 +1178,7 @@ scrub_opt : NODF { scrub_opts.randomid = 1; } | RTABLE NUMBER { - if ($2 < 0 /* || $2 > RT_TABLEID_MAX */) { + if ($2 < 0 || $2 > rt_tableid_max()) { yyerror("invalid rtable id"); YYERROR; } @@ -1322,7 +1326,7 @@ antispoof_opt : label { antispoof_opts.label = $1; } | RTABLE NUMBER { - if ($2 < 0 /* || $2 > RT_TABLEID_MAX */ ) { + if ($2 < 0 || $2 > rt_tableid_max()) { yyerror("invalid rtable id"); YYERROR; } @@ -2361,7 +2365,7 @@ filter_opt : USER uids { filter_opts.prob = 1; } | RTABLE NUMBER { - if ($2 < 0 /* || $2 > RT_TABLEID_MAX */ ) { + if ($2 < 0 || $2 > rt_tableid_max()) { yyerror("invalid rtable id"); YYERROR; } @@ -4190,7 +4194,7 @@ tagged : /* empty */ { $$.neg = 0; $$. rtable : /* empty */ { $$ = -1; } | RTABLE NUMBER { - if ($2 < 0 /* || $2 > RT_TABLEID_MAX */ ) { + if ($2 < 0 || $2 > rt_tableid_max()) { yyerror("invalid rtable id"); YYERROR; } @@ -6051,3 +6055,23 @@ pfctl_load_anchors(int dev, struct pfctl return (0); } + +int +rt_tableid_max(void) +{ +#ifdef __FreeBSD__ + int fibs; + size_t l = sizeof(fibs); + + if (sysctlbyname("net.fibs", &fibs, &l, NULL, 0) == -1) + fibs = 16; /* XXX RT_MAXFIBS, at least limit it some. */ + /* + * As the OpenBSD code only compares > and not >= we need to adjust + * here given we only accept values of 0..n and want to avoid #ifdefs + * in the grammer. + */ + return (fibs - 1); +#else + return (RT_TABLEID_MAX); +#endif +}