From owner-svn-src-head@FreeBSD.ORG Thu Sep 11 12:30:30 2014 Return-Path: Delivered-To: svn-src-head@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id E0674687; Thu, 11 Sep 2014 12:30:30 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id CB62C1AD; Thu, 11 Sep 2014 12:30:30 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.9/8.14.9) with ESMTP id s8BCUUBV005592; Thu, 11 Sep 2014 12:30:30 GMT (envelope-from hrs@FreeBSD.org) Received: (from hrs@localhost) by svn.freebsd.org (8.14.9/8.14.9/Submit) id s8BCUUv1005586; Thu, 11 Sep 2014 12:30:30 GMT (envelope-from hrs@FreeBSD.org) Message-Id: <201409111230.s8BCUUv1005586@svn.freebsd.org> X-Authentication-Warning: svn.freebsd.org: hrs set sender to hrs@FreeBSD.org using -f From: Hiroki Sato Date: Thu, 11 Sep 2014 12:30:30 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r271424 - in head: etc etc/defaults share/man/man5 X-SVN-Group: head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 11 Sep 2014 12:30:31 -0000 Author: hrs Date: Thu Sep 11 12:30:29 2014 New Revision: 271424 URL: http://svnweb.freebsd.org/changeset/base/271424 Log: - Add $netif_ipexpand_max to specify the upper limit for the number of addresses generated by an address range specification. The default value is 2048. This can be increased by setting $netif_ipexpand_max in rc.conf. - Fix warning messages when an address range spec exceeds the upper limit. PR: 186841 Modified: head/etc/defaults/rc.conf head/etc/network.subr head/share/man/man5/rc.conf.5 Modified: head/etc/defaults/rc.conf ============================================================================== --- head/etc/defaults/rc.conf Thu Sep 11 11:25:10 2014 (r271423) +++ head/etc/defaults/rc.conf Thu Sep 11 12:30:29 2014 (r271424) @@ -110,6 +110,7 @@ synchronous_dhclient="NO" # Start dhclie # interfaces during startup. defaultroute_delay="30" # Time to wait for a default route on a DHCP interface. defaultroute_carrier_delay="5" # Time to wait for carrier while waiting for a default route. +netif_ipexpand_max="2048" # Maximum number of IP addrs in a range spec. wpa_supplicant_program="/usr/sbin/wpa_supplicant" wpa_supplicant_flags="-s" # Extra flags to pass to wpa_supplicant wpa_supplicant_conf_file="/etc/wpa_supplicant.conf" Modified: head/etc/network.subr ============================================================================== --- head/etc/network.subr Thu Sep 11 11:25:10 2014 (r271423) +++ head/etc/network.subr Thu Sep 11 12:30:29 2014 (r271424) @@ -25,9 +25,7 @@ # $FreeBSD$ # IFCONFIG_CMD="/sbin/ifconfig" - -# Maximum number of addresses expanded from a address range specification. -_IPEXPANDMAX=31 +: ${netif_ipexpand_max:=2048} # # Subroutines commonly used from network startup scripts. @@ -886,8 +884,8 @@ ifalias_expand_addr_inet() _ipcount=$_iplow while [ "$_ipcount" -le "$_iphigh" ]; do _retstr="${_retstr} ${_iphead}${_iphead:+.}${_ipcount}${_iptail:+.}${_iptail}${_plen:+/}${_plen}" - if [ $_ipcount -gt $(($_iplow + $_IPEXPANDMAX)) ]; then - warn "Range specification is too large (${_iphead}${_iphead:+.}${_iplow}${_iptail:+.}${_iptail}-${_iphead}${_iphead:+.}${_iphigh}${_iptail:+.}${_iptail}). ${_iphead}${_iphead:+.}${_iplow}${_iptail:+.}${_iptail}-${_iphead}${_iphead:+.}${_ipcount}${_iptail:+.}${_iptail} was processed." + if [ $_ipcount -gt $(($_iplow + $netif_ipexpand_max)) ]; then + warn "Range specification is too large (${_iphead}${_iphead:+.}${_iplow}${_iptail:+.}${_iptail}-${_iphead}${_iphead:+.}${_iphigh}${_iptail:+.}${_iptail}). ${_iphead}${_iphead:+.}${_iplow}${_iptail:+.}${_iptail}-${_iphead}${_iphead:+.}${_ipcount}${_iptail:+.}${_iptail} was processed. Increase \$netif_ipexpand_max in rc.conf." break else _ipcount=$(($_ipcount + 1)) @@ -976,9 +974,9 @@ ifalias_expand_addr_inet6() $_ipleft $_ipcount $_ipright \ ${_plen:+/}$_plen` _retstr="$_retstr $_r" - if [ $_ipcount -gt $(($_iplow + $_IPEXPANDMAX)) ] + if [ $_ipcount -gt $(($_iplow + $netif_ipexpand_max)) ] then - warn "Range specification is too large $(printf '(%s:%04x%s-%s:%04x%s)' $_ipleft $_iplow $_ipright $_ipleft $_iphigh $_ipright). $(printf '%s:%04x%s-%s:%04x%s' $_ipleft $_iplow $_ipright $_ipleft $_ipcount $_ipright) was processed." + warn "Range specification is too large $(printf '(%s:%x%s-%s:%x%s)' "$_ipleft" "$_iplow" "$_ipright" "$_ipleft" "$_iphigh" "$_ipright"). $(printf '%s:%x%s-%s:%x%s' "$_ipleft" "$_iplow" "$_ipright" "$_ipleft" "$_ipcount" "$_ipright") was processed. Increase \$netif_ipexpand_max in rc.conf." break else _ipcount=$(($_ipcount + 1)) Modified: head/share/man/man5/rc.conf.5 ============================================================================== --- head/share/man/man5/rc.conf.5 Thu Sep 11 11:25:10 2014 (r271423) +++ head/share/man/man5/rc.conf.5 Thu Sep 11 12:30:29 2014 (r271424) @@ -1199,6 +1199,19 @@ or .Li inet6 2001:db8:1-f::1/64 . This notation allows address and prefix length part only, not the other address modifiers. +Note that the maximum number of the generated addresses from a range +specification is limited to an integer value specified in +.Va netif_ipexpand_max +in +.Xr rc.conf 5 +because a small typo can unexpectedly generate a large number of addresses. +The default value is +.Li 2048 . +It can be increased by adding the following line into +.Xr rc.conf 5 : +.Bd -literal +netif_ipexpand_max="4096" +.Ed .Pp In the case of .Li 192.0.2.5-23/24 ,