From owner-freebsd-net@FreeBSD.ORG Sun May 18 04:13:30 2014 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id F112B2C7; Sun, 18 May 2014 04:13:29 +0000 (UTC) Received: from vps1.elischer.org (vps1.elischer.org [204.109.63.16]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "vps1.elischer.org", Issuer "CA Cert Signing Authority" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id A666B2611; Sun, 18 May 2014 04:13:29 +0000 (UTC) Received: from jre-mbp.elischer.org (ppp121-45-232-70.lns20.per1.internode.on.net [121.45.232.70]) (authenticated bits=0) by vps1.elischer.org (8.14.8/8.14.8) with ESMTP id s4I4CeRF053502 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO); Sat, 17 May 2014 21:12:43 -0700 (PDT) (envelope-from julian@freebsd.org) Message-ID: <53783333.3010205@freebsd.org> Date: Sun, 18 May 2014 12:12:35 +0800 From: Julian Elischer User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:24.0) Gecko/20100101 Thunderbird/24.5.0 MIME-Version: 1.0 To: "Alexander V. Chernikov" , Dennis Yusupoff , FreeBSD Net , Marcelo Gondim Subject: Re: Problem with ipfw table add 0.0.0.0/8 References: <5371084F.1060009@bsdinfo.com.br> <5371112B.2030209@bsdinfo.com.br> <5371E9E7.70400@smartspb.net> <5371F4C8.3080501@FreeBSD.org> <53720AA4.80909@smartspb.net> <537767C5.80205@FreeBSD.org> In-Reply-To: <537767C5.80205@FreeBSD.org> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 18 May 2014 04:13:30 -0000 On 5/17/14, 9:44 PM, Alexander V. Chernikov wrote: > On 13.05.2014 16:05, Dennis Yusupoff wrote: >> I think that universal table for all kind of data (ipv4, ipv6, ports, >> etc) is a bad idea by design. At least unless you haven't any >> ability to > It is not always "universal" in kernel. > Actually, different radix tables are used to store both IPv4 and > IPv6 in single table. >> specify address family on add, to avoid attempts to guess what user >> meant. Something like "ipfw table X add DEEF.DE ipv6". > I'm going to add explicit table type/naming setup soon. > Idea is the following: > > 1) Existing table can be named and addressed by either number or name. > However, you still need to assign table number manually. > > 2) Table type/name can be specified explicitly via one of the > following commands: > * ipfw table 1 create [type ] [name > "table_name"] type "ports" would be nice but tricky to do right. > * ipfw table name "table_name" > * ipfw table "table_name" type > > 3) ipfw(8) stops trying to guess appropriate type based on used > value. Instead, > it requests table type from kernel and interprets value according to > returned type. > Default type for all tables is cidr the guessing was a hack for compatibilty. Its time to stop doing that has definitely come. (I did it.. sorry) > > 4) Table(s) can be returned to default values using ipfw table > destroy. > Destroy means: > * flush > * table tries (or other structures) freed > * type set to cidr > > >> >> >> 13.05.2014 14:32, Alexander V. Chernikov пишет: >>> On 13.05.2014 13:46, Dennis Yusupoff wrote: >>>> May be this will help? See answer on >>>> http://www.freebsd.org/cgi/query-pr.cgi?pr=bin/189471 >>> I'll try to fix it within a few days. > Fixed in r266310. >>> >>> The problem itself happens due to the fact that every CIDR table >>> address is packed into IPv6 address and IPv4 ones are encoded as >>> deprecated IPv6-compatible ones. >>> this leads to the problems with decoding things like 0/X or ::1 > > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > >