Skip site navigation (1)Skip section navigation (2) 
Date:      28 Sep 2001 20:32:02 +0200
From:      Dag-Erling Smorgrav <des@ofug.org>
To:        Luigi Rizzo <luigi@FreeBSD.org>
Cc:        cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org
Subject:   Re: cvs commit: src/sys/netinet ip_dummynet.c ip_dummynet.h ip_fw.c ip_fw.h ip_input.c ip_output.c src/sys/net bridge.c src/sbin/ipfw ipfw.8 ipfw.c
Message-ID:  <xzp8zezi2u5.fsf@flood.ping.uio.no>
In-Reply-To: <xzpwv2jkx2q.fsf@flood.ping.uio.no>
References:  <200109272344.f8RNiSV40274@freefall.freebsd.org> <xzpwv2jkx2q.fsf@flood.ping.uio.no>
next in thread | previous in thread | raw e-mail | index | archive | help 
--=-=-=

Dag-Erling Smorgrav <des@ofug.org> writes:
> 1) with these patches, installing the rule "pass ip from any to any
>    via lo0" (#2 in my ruleset) causes an immediate panic in
>    add_entry() (no core dump yet, but I'm working on it)

Actually, from reading the code, any attempt to install an unnumbered
(i.e. automatically numbered) rule will panic, because the loop
(starting on line 1657 of ip_fw.c) that tries to find the highest
existing rule number trashes the pointer to the rule you're about to
install.  See the attached (untested) patch.

DES
-- 
Dag-Erling Smorgrav - des@ofug.org


--=-=-=
Content-Type: text/x-patch
Content-Disposition: attachment; filename=ipfw.diff

Index: ip_fw.c
===================================================================
RCS file: /home/ncvs/src/sys/netinet/ip_fw.c,v
retrieving revision 1.170
diff -u -r1.170 ip_fw.c
--- ip_fw.c	27 Sep 2001 23:44:26 -0000	1.170
+++ ip_fw.c	28 Sep 2001 18:27:58 -0000
@@ -1654,9 +1654,13 @@
 
 	/* If entry number is 0, find highest numbered rule and add 100 */
 	if (ftmp->fw_number == 0) {
-		LIST_FOREACH(ftmp, head, next) {
-			if (ftmp->fw_number != IPFW_DEFAULT_RULE)
-				nbr = ftmp->fw_number;
+		/*
+		 * This works because the list is ordered, so the last
+		 * non-default rule is also the highest-numbered one.
+		 */
+		LIST_FOREACH(fcp, head, next) {
+			if (fcp->fw_number != IPFW_DEFAULT_RULE)
+				nbr = fcp->fw_number;
 			else
 				break;
 		}

--=-=-=--

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?xzp8zezi2u5.fsf>