Date: Sun, 18 Nov 2018 00:28:57 +0000 (UTC) From: "Andrey V. Elsukov" <ae@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-11@freebsd.org Subject: svn commit: r340539 - in stable/11: sbin/ipfw sys/netinet Message-ID: <201811180028.wAI0SvFf088206@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: ae Date: Sun Nov 18 00:28:56 2018 New Revision: 340539 URL: https://svnweb.freebsd.org/changeset/base/340539 Log: MFC r339539: Add IPFW_RULE_JUSTOPTS flag, that is used by ipfw(8) to mark rule, that was added using "new rule format". And then, when the kernel returns rule with this flag, ipfw(8) can correctly show it. Reported by: lev Sponsored by: Yandex LLC Differential Revision: https://reviews.freebsd.org/D17373 Modified: stable/11/sbin/ipfw/ipfw2.c stable/11/sys/netinet/ip_fw.h Directory Properties: stable/11/ (props changed) Modified: stable/11/sbin/ipfw/ipfw2.c ============================================================================== --- stable/11/sbin/ipfw/ipfw2.c Sun Nov 18 00:27:47 2018 (r340538) +++ stable/11/sbin/ipfw/ipfw2.c Sun Nov 18 00:28:56 2018 (r340539) @@ -2207,6 +2207,12 @@ show_static_rule(struct cmdline_opts *co, struct forma */ if (co->comment_only != 0) goto end; + + if (rule->flags & IPFW_RULE_JUSTOPTS) { + state.flags |= HAVE_PROTO | HAVE_SRCIP | HAVE_DSTIP; + goto justopts; + } + print_proto(bp, fo, &state); /* Print source */ @@ -2219,6 +2225,7 @@ show_static_rule(struct cmdline_opts *co, struct forma print_address(bp, fo, &state, dst_opcodes, nitems(dst_opcodes), O_IP_DSTPORT, HAVE_DSTIP); +justopts: /* Print the rest of options */ while (print_opcode(bp, fo, &state, -1)) ; @@ -4340,8 +4347,10 @@ chkarg: } } else if (first_cmd != cmd) { errx(EX_DATAERR, "invalid protocol ``%s''", *av); - } else + } else { + rule->flags |= IPFW_RULE_JUSTOPTS; goto read_options; + } OR_BLOCK(get_proto); /* Modified: stable/11/sys/netinet/ip_fw.h ============================================================================== --- stable/11/sys/netinet/ip_fw.h Sun Nov 18 00:27:47 2018 (r340538) +++ stable/11/sys/netinet/ip_fw.h Sun Nov 18 00:28:56 2018 (r340539) @@ -613,6 +613,7 @@ struct ip_fw_rule { ipfw_insn cmd[1]; /* storage for commands */ }; #define IPFW_RULE_NOOPT 0x01 /* Has no options in body */ +#define IPFW_RULE_JUSTOPTS 0x02 /* new format of rule body */ /* Unaligned version */
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201811180028.wAI0SvFf088206>