From owner-freebsd-current  Sun Jan 12  5:53: 0 2003
Delivered-To: freebsd-current@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 8A01937B401
	for <current@FreeBSD.ORG>; Sun, 12 Jan 2003 05:52:58 -0800 (PST)
Received: from relay1.macomnet.ru (relay1.macomnet.ru [195.128.64.10])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 585D143F5F
	for <current@FreeBSD.ORG>; Sun, 12 Jan 2003 05:52:57 -0800 (PST)
	(envelope-from maxim@macomnet.ru)
Received: from news1.macomnet.ru (news1.macomnet.ru [195.128.64.14])
	by relay1.macomnet.ru (8.11.6/8.11.6) with ESMTP id h0CDqrG8536804;
	Sun, 12 Jan 2003 16:52:54 +0300 (MSK)
Date: Sun, 12 Jan 2003 16:52:53 +0300 (MSK)
From: Maxim Konovalov <maxim@macomnet.ru>
To: Wiktor Niesiobedzki <kaczor@mail.evip.pl>
Cc: current@FreeBSD.ORG
Subject: Re: IPFW2 skipto + logging
In-Reply-To: <20021110173443.A5529@mail.evip.pl>
Message-ID: <20030112165156.G22175@news1.macomnet.ru>
References: <20021110173443.A5529@mail.evip.pl>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-current@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-current.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-current>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-current>
X-Loop: FreeBSD.ORG


Hello,

On 17:34+0100, Nov 10, 2002, Wiktor Niesiobedzki wrote:

> Hi,
>
> Rule of the format:
> ipfw add 100 skipto 400 log logamount 0 ip from 192.168.0.0/24 to 192.168.0.0/24
> Will give this strange result:
> Nov 10 17:01:05 portal kernel: ipfw: 100 SkipTo 400 TCP 192.168.0.1:139 192.168.0.2:1170 out via ed0
> Nov 10 17:01:05 portal kernel: ipfw: 310 Pipe 2 TCP 192.168.0.1:139 192.168.0.2:1170 out via ed0
> Nov 10 17:01:05 portal kernel: ipfw: 320 Pipe 2 TCP 192.168.0.1:139 192.168.0.2:1170 out via ed0
> Nov 10 17:01:05 portal kernel: ipfw: 340 Pipe 3 TCP 192.168.0.1:139 192.168.0.2:1170 out via ed0
> Nov 10 17:01:05 portal kernel: ipfw: 340 Pipe 4 TCP 192.168.0.1:139 192.168.0.2:1170 out via ed0
> Nov 10 17:01:05 portal kernel: ipfw: 360 Pipe 4 TCP 192.168.0.1:139 192.168.0.2:1170 out via ed0
> Nov 10 17:01:05 portal kernel: ipfw: 380 Pipe 4 TCP 192.168.0.1:139 192.168.0.2:1170 out via ed0
> Nov 10 17:01:05 portal kernel: ipfw: 800 Accept TCP 192.168.0.1:139 192.168.0.2:1170 out via ed0
>
> So, clearly saying - will not work, the rule:
> ipfw add 100 skipto 400 ip from 192.168.0.0/24 to 192.168.0.0/24
> is working correctly.
>
> Is there any problems with ACTION_PTR macro?

Please try a next patch:

Index: sys/netinet/ip_fw2.c
===================================================================
RCS file: /home/ncvs/src/sys/netinet/ip_fw2.c,v
retrieving revision 1.22
diff -u -r1.22 ip_fw2.c
--- sys/netinet/ip_fw2.c	27 Dec 2002 17:43:25 -0000	1.22
+++ sys/netinet/ip_fw2.c	12 Jan 2003 13:49:48 -0000
@@ -1180,6 +1180,7 @@

 	/* look for action, in case it is a skipto */
 	cmd = ACTION_PTR(me);
+	cmd += F_LEN(cmd);
 	if ( cmd->opcode == O_SKIPTO )
 		for (rule = me->next; rule ; rule = rule->next)
 			if (rule->rulenum >= cmd->arg1)

%%%

-- 
Maxim Konovalov, MAcomnet, Internet Dept., system engineer
phone: +7 (095) 796-9079, mailto:maxim@macomnet.ru


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message