From owner-svn-src-all@FreeBSD.ORG Tue Jun 14 04:37:10 2011 Return-Path: Delivered-To: svn-src-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 5B6021065676; Tue, 14 Jun 2011 04:37:10 +0000 (UTC) (envelope-from ae@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id 40F998FC17; Tue, 14 Jun 2011 04:37:10 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.4/8.14.4) with ESMTP id p5E4bACM013729; Tue, 14 Jun 2011 04:37:10 GMT (envelope-from ae@svn.freebsd.org) Received: (from ae@localhost) by svn.freebsd.org (8.14.4/8.14.4/Submit) id p5E4bALJ013724; Tue, 14 Jun 2011 04:37:10 GMT (envelope-from ae@svn.freebsd.org) Message-Id: <201106140437.p5E4bALJ013724@svn.freebsd.org> From: "Andrey V. Elsukov" Date: Tue, 14 Jun 2011 04:37:10 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-8@freebsd.org X-SVN-Group: stable-8 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r223070 - in stable/8: sbin/ipfw sys/netinet/ipfw X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 14 Jun 2011 04:37:10 -0000 Author: ae Date: Tue Jun 14 04:37:09 2011 New Revision: 223070 URL: http://svn.freebsd.org/changeset/base/223070 Log: MFC r222473: Add tablearg support for ipfw setfib. PR: kern/156410 MFC r222474: Wrap long line. Modified: stable/8/sbin/ipfw/ipfw.8 stable/8/sbin/ipfw/ipfw2.c stable/8/sys/netinet/ipfw/ip_fw2.c stable/8/sys/netinet/ipfw/ip_fw_sockopt.c Directory Properties: stable/8/sbin/ipfw/ (props changed) stable/8/sys/ (props changed) stable/8/sys/amd64/include/xen/ (props changed) stable/8/sys/cddl/contrib/opensolaris/ (props changed) stable/8/sys/contrib/dev/acpica/ (props changed) stable/8/sys/contrib/pf/ (props changed) Modified: stable/8/sbin/ipfw/ipfw.8 ============================================================================== --- stable/8/sbin/ipfw/ipfw.8 Tue Jun 14 04:34:20 2011 (r223069) +++ stable/8/sbin/ipfw/ipfw.8 Tue Jun 14 04:37:09 2011 (r223070) @@ -1,7 +1,7 @@ .\" .\" $FreeBSD$ .\" -.Dd July 27, 2010 +.Dd May 30, 2011 .Dt IPFW 8 .Os .Sh NAME @@ -867,13 +867,16 @@ for more information on and .Cm ngtee actions. -.It Cm setfib Ar fibnum +.It Cm setfib Ar fibnum | tablearg The packet is tagged so as to use the FIB (routing table) .Ar fibnum in any subsequent forwarding decisions. Initially this is limited to the values 0 through 15, see .Xr setfib 1 . Processing continues at the next rule. +It is possible to use the +.Cm tablearg +keyword with a setfib. If tablearg value is not within compiled FIB range packet fib is set to 0. .It Cm reass Queue and reassemble ip fragments. If the packet is not fragmented, counters are updated and processing continues with the next rule. @@ -1697,7 +1700,7 @@ is used. The .Cm tablearg argument can be used with the following actions: -.Cm nat, pipe , queue, divert, tee, netgraph, ngtee, fwd, skipto +.Cm nat, pipe , queue, divert, tee, netgraph, ngtee, fwd, skipto, setfib, action parameters: .Cm tag, untag, rule options: Modified: stable/8/sbin/ipfw/ipfw2.c ============================================================================== --- stable/8/sbin/ipfw/ipfw2.c Tue Jun 14 04:34:20 2011 (r223069) +++ stable/8/sbin/ipfw/ipfw2.c Tue Jun 14 04:37:09 2011 (r223070) @@ -2826,14 +2826,19 @@ chkarg: size_t intsize = sizeof(int); action->opcode = O_SETFIB; - NEED1("missing fib number"); - action->arg1 = strtoul(*av, NULL, 10); - if (sysctlbyname("net.fibs", &numfibs, &intsize, NULL, 0) == -1) - errx(EX_DATAERR, "fibs not suported.\n"); - if (action->arg1 >= numfibs) /* Temporary */ - errx(EX_DATAERR, "fib too large.\n"); - av++; - break; + NEED1("missing fib number"); + if (_substrcmp(*av, "tablearg") == 0) { + action->arg1 = IP_FW_TABLEARG; + } else { + action->arg1 = strtoul(*av, NULL, 10); + if (sysctlbyname("net.fibs", &numfibs, &intsize, + NULL, 0) == -1) + errx(EX_DATAERR, "fibs not suported.\n"); + if (action->arg1 >= numfibs) /* Temporary */ + errx(EX_DATAERR, "fib too large.\n"); + } + av++; + break; } case TOK_REASS: Modified: stable/8/sys/netinet/ipfw/ip_fw2.c ============================================================================== --- stable/8/sys/netinet/ipfw/ip_fw2.c Tue Jun 14 04:34:20 2011 (r223069) +++ stable/8/sys/netinet/ipfw/ip_fw2.c Tue Jun 14 04:37:09 2011 (r223070) @@ -2101,14 +2101,21 @@ do { \ done = 1; /* exit outer loop */ break; - case O_SETFIB: + case O_SETFIB: { + uint32_t fib; + f->pcnt++; /* update stats */ f->bcnt += pktlen; f->timestamp = time_uptime; - M_SETFIB(m, cmd->arg1); - args->f_id.fib = cmd->arg1; + fib = (cmd->arg1 == IP_FW_TABLEARG) ? tablearg: + cmd->arg1; + if (fib >= rt_numfibs) + fib = 0; + M_SETFIB(m, fib); + args->f_id.fib = fib; l = 0; /* exit inner loop */ break; + } case O_NAT: if (!IPFW_NAT_LOADED) { Modified: stable/8/sys/netinet/ipfw/ip_fw_sockopt.c ============================================================================== --- stable/8/sys/netinet/ipfw/ip_fw_sockopt.c Tue Jun 14 04:34:20 2011 (r223069) +++ stable/8/sys/netinet/ipfw/ip_fw_sockopt.c Tue Jun 14 04:37:09 2011 (r223070) @@ -605,7 +605,8 @@ check_ipfw_struct(struct ip_fw *rule, in case O_SETFIB: if (cmdlen != F_INSN_SIZE(ipfw_insn)) goto bad_size; - if (cmd->arg1 >= rt_numfibs) { + if ((cmd->arg1 != IP_FW_TABLEARG) && + (cmd->arg1 >= rt_numfibs)) { printf("ipfw: invalid fib number %d\n", cmd->arg1); return EINVAL;