Date: Tue, 11 Dec 2018 17:22:32 +0300 From: "Andrey V. Elsukov" <bu7cher@yandex.ru> To: Claudio Eichenberger <cei@yourshop.com> Cc: freebsd-ipfw@freebsd.org Subject: Re: ipfw -N show Message-ID: <396f3a36-9108-1a97-76de-7de6931fb984@yandex.ru> In-Reply-To: <20181211130145.GC4820@yourshop.com> References: <20181210142701.GA12120@yourshop.com> <828f1634-9e9e-a6ef-4d7d-abcf071d89a7@yandex.ru> <20181211130145.GC4820@yourshop.com>
next in thread | previous in thread | raw e-mail | index | archive | help
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --YJrhiUc4tmIOH28VwYfoXg5Gkv4WGCKzk Content-Type: multipart/mixed; boundary="nBwHhdq0zvbfx9v2r0UV4SodlyHmrItJA"; protected-headers="v1" From: "Andrey V. Elsukov" <bu7cher@yandex.ru> To: Claudio Eichenberger <cei@yourshop.com> Cc: freebsd-ipfw@freebsd.org Message-ID: <396f3a36-9108-1a97-76de-7de6931fb984@yandex.ru> Subject: Re: ipfw -N show References: <20181210142701.GA12120@yourshop.com> <828f1634-9e9e-a6ef-4d7d-abcf071d89a7@yandex.ru> <20181211130145.GC4820@yourshop.com> In-Reply-To: <20181211130145.GC4820@yourshop.com> --nBwHhdq0zvbfx9v2r0UV4SodlyHmrItJA Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: quoted-printable On 11.12.2018 16:01, Claudio Eichenberger wrote: > Hello Andrey, >=20 > I applied both patches: >=20 >=20 > sigma# diff -u ipfw2.c-000 ipfw2.c > --- ipfw2.c-000 2018-12-11 13:01:01.370594000 +0100 > +++ ipfw2.c 2018-12-11 13:04:25.132233000 +0100 > @@ -1251,7 +1251,8 @@ > (cmd->o.opcode =3D=3D O_IP_SRC || cmd->o.opcode =3D=3D O_IP_DST) = ? > 32 : contigmask((uint8_t *)&(a[1]), 32); > if (mb =3D=3D 32 && co.do_resolv) > - he =3D gethostbyaddr((char *)&(a[0]), sizeof(u_long), = AF_INET); > + he =3D gethostbyaddr((char *)&(a[0]), sizeof(in_addr_t= ), > + AF_INET); > if (he !=3D NULL) /* resolved to name */ > bprintf(bp, "%s", he->h_name); > else if (mb =3D=3D 0) /* any */ > @@ -1492,6 +1493,7 @@ > bprintf(bp, " %s", pe->p_name); > else > bprintf(bp, " %u", cmd->arg1); > + state->proto =3D cmd->arg1; > break; > case O_MACADDR2: > print_mac(bp, insntod(cmd, mac)); > @@ -1963,10 +1965,10 @@ > struct show_state *state) > { > ipfw_insn *cmd; > - int l, proto, ip4, ip6, tmp; > + int l, proto, ip4, ip6; > =20 > /* Count all O_PROTO, O_IP4, O_IP6 instructions. */ > - proto =3D tmp =3D ip4 =3D ip6 =3D 0; > + proto =3D ip4 =3D ip6 =3D 0; > for (l =3D state->rule->act_ofs, cmd =3D state->rule->cmd; > l > 0; l -=3D F_LEN(cmd), cmd +=3D F_LEN(cmd)) { > switch (cmd->opcode) { > @@ -2002,18 +2004,13 @@ > if (cmd =3D=3D NULL || (cmd->len & F_OR)) > for (l =3D proto; l > 0; l--) { > cmd =3D print_opcode(bp, fo, state, O_PROTO); > - if (cmd !=3D NULL && (cmd->len & F_OR) =3D=3D = 0) > + if (cmd =3D=3D NULL || (cmd->len & F_OR) =3D=3D= 0) > break; > - tmp =3D cmd->arg1; > } > /* Initialize proto, it is used by print_newports() */ > - if (tmp !=3D 0) > - state->proto =3D tmp; > - else if (ip6 !=3D 0) > - state->proto =3D IPPROTO_IPV6; > - else > - state->proto =3D IPPROTO_IP; > state->flags |=3D HAVE_PROTO; > + if (state->proto =3D=3D 0 && ip6 !=3D 0) > + state->proto =3D IPPROTO_IPV6; > } > =20 > static int >=20 >=20 > unfortunately, ipfw -N show still doesn't print the protocols: >=20 > 00800 0 0 allow tcp from any to x.x.x.x 443 in recv bce0 >=20 Did you reinstall the patched version of ipfw(8)? # ipfw add count tcp from any to ya.ru 443 out xmit lagg0 00100 count tcp from any to 87.250.250.242 443 out xmit lagg0 # ipfw -N show 100 00100 0 0 count tcp from any to ya.ru https out xmit lagg0 --=20 WBR, Andrey V. Elsukov --nBwHhdq0zvbfx9v2r0UV4SodlyHmrItJA-- --YJrhiUc4tmIOH28VwYfoXg5Gkv4WGCKzk Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/ iQEzBAEBCAAdFiEE5lkeG0HaFRbwybwAAcXqBBDIoXoFAlwPyCgACgkQAcXqBBDI oXpg8Qf/clXQEa/M5Ly/GKyCYnbYJjFg273bqhjajOsGdP37dyPhciFx7E7u/7lE MmgvH/UdBucLwtbzYkZXIfpYlQz6y/oZ2z2nvOhplGpYBCcM7kukXyHmq88PVkjN R6MYLiLjVDop6uk2CY6JH7cXiUVtBB6k5A7/g0zFeGiSmC2r1lQGk0vHXGm/MaQc hf04ikXqS+Ec22+iwDopqQ6ntUd3b+WIYk+5HWtAmHLNaBM+5oSQ+35/ENpBzvKq 6D2qT8bWgZwqkzMdFzkzEqUY1pjD/rpSlVOFanx4N1/CMVuz0j3HNzEAWQeilfnu QTYuNZDxv+1cIs2JI4yGiZxjP5JZBw== =P9pE -----END PGP SIGNATURE----- --YJrhiUc4tmIOH28VwYfoXg5Gkv4WGCKzk--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?396f3a36-9108-1a97-76de-7de6931fb984>