From owner-svn-src-all@FreeBSD.ORG Tue Mar 25 19:34:17 2014 Return-Path: Delivered-To: svn-src-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 573F22AC; Tue, 25 Mar 2014 19:34:16 +0000 (UTC) Received: from mail-vc0-x233.google.com (mail-vc0-x233.google.com [IPv6:2607:f8b0:400c:c03::233]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 4DDB4B0E; Tue, 25 Mar 2014 19:34:16 +0000 (UTC) Received: by mail-vc0-f179.google.com with SMTP id ij19so1210754vcb.10 for ; Tue, 25 Mar 2014 12:34:15 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:cc:content-type; bh=7WGewqVYRHB8heKW+1hM5GdBqyhL9OBqn6AqD9SD49E=; b=D3ITIXJ0qsfw4iDnAo+1L1ThsnJjDxqviw0emU9FVZ8X78Akn67ZYx5aAr+lN7yeLS EotyU24yAaHVh1fnmpMe2EIwJWUp2mz4UbYpt7OYWigTulRUa2VFHiy2Psm3iRdcGd6K ujKqOPIUrZnUd5QXjc0enspywn2BGwc33UyFAgUVk3/xknw4nd8fagHedEZ7DEBQJCnd JiHe8K12w3eJsbZqwlCs/hkE9M70dQs/8l5AArQZrP1gXQERE81D2MQbQAq5+Gwo5HmR coMTerVR4HDUwTDeyPUu23qmgMh8ksSyqQEf7qvTjD9uZsdVX8Gi+kJt+spn89mzByrd /tQA== MIME-Version: 1.0 X-Received: by 10.58.152.142 with SMTP id uy14mr24350831veb.4.1395776055397; Tue, 25 Mar 2014 12:34:15 -0700 (PDT) Sender: asomers@gmail.com Received: by 10.58.231.105 with HTTP; Tue, 25 Mar 2014 12:34:15 -0700 (PDT) In-Reply-To: <201306200229.r5K2TnfR085621@svn.freebsd.org> References: <201306200229.r5K2TnfR085621@svn.freebsd.org> Date: Tue, 25 Mar 2014 13:34:15 -0600 X-Google-Sender-Auth: zxg94X9Iz-g6BndVV8-Bid0am78 Message-ID: Subject: Re: svn commit: r252015 - in head: etc share/man/man5 From: Alan Somers To: Hiroki Sato Content-Type: text/plain; charset=ISO-8859-1 Cc: svn-src-head@freebsd.org, svn-src-all@freebsd.org, src-committers@freebsd.org X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 25 Mar 2014 19:34:17 -0000 On Wed, Jun 19, 2013 at 8:29 PM, Hiroki Sato wrote: > Author: hrs > Date: Thu Jun 20 02:29:49 2013 > New Revision: 252015 > URL: http://svnweb.freebsd.org/changeset/base/252015 > > Log: > - Add CIDR notation support like 192.168.1-2.10-16/24 to $ifconfig_IF_aliasN. > This is an extended version of ipv4_addr_IF which supports both IPv4 and > IPv6, and multiple range specifications. To avoid to generate too many > addresses, the maximum number of the generated addresses is currently > limited to 31. > > - Add $ifconfig_IF_aliases, which accepts multiple IP aliases in a variable. > > - ipv6_prefix_IF now supports !/64 prefix length. In addition to the old > 64-bit format (2001:db8:1:1), a full 128-bit format like 2001:db8:1:1::/64 > is supported. > > - Replace ifconfig command with $IFCONFIG_CMD variable to support > a dry-run mode in the future. > > - Remove IP aliases before removing all of IPv4 addresses when doing > "rc.d/netif down". > > - Add a DAD wait to network6_getladdr() because it is possible to fail to > configure an EUI64 address when ipv6_prefix_IF is specified. > > A summary of the supported ifconfig_* variables is as follows: > > # IPv4 configuration. > ifconfig_em0="inet 192.168.0.1" > # IPv6 configuration. > ifconfig_em0_ipv6="inet6 2001:db8::1/64" > # IPv4 address range spec. Now deprecated. > ipv4_addr_em0="10.2.1.1-10" > # IPv6 alias. > ifconfig_em0_alias0="inet6 2001:db8:5::1 prefixlen 70" > # IPv4 alias. > ifconfig_em0_alias1="inet 10.2.2.1/24" > # IPv4 alias with range spec w/o AF keyword (backward compat). > ifconfig_em0_alias2="10.3.1.1-10/32" > # IPv6 alias with range spec. > ifconfig_em0_alias3="inet6 2001:db8:20-2f::1/64" > # ifconfig_IF_aliases is just like ifconfig_IF_aliasN. > ifconfig_em0_aliases="inet 10.3.3.201-204/24 inet6 2001:db8:210-213::1/64 inet 10.1.1.1/24" > # IPv6 alias (backward compat) > ipv6_ifconfig_em0_alias0="inet6 2001:db8:f::1/64" > # IPv6 alias w/o AF keyword (backward compat) > ipv6_ifconfig_em0_alias1="2001:db8:f:1::1/64" > # IPv6 prefix. > ipv6_prefix_em0="2001:db8::/64" > > Tested by: Kimmo Paasiala > > Modified: > head/etc/network.subr > head/share/man/man5/rc.conf.5 > > Modified: head/etc/network.subr > ============================================================================== > --- head/etc/network.subr Thu Jun 20 02:26:32 2013 (r252014) > +++ head/etc/network.subr Thu Jun 20 02:29:49 2013 (r252015) > @@ -24,6 +24,10 @@ ... > + for _c in $_args; do > + case $_c in > + ${_af}) > + case $_tmpargs in > + ${_af}\ *-*) > + ifalias_af_common_handler $_if $_af $_action \ > + `ifalias_expand_addr $_af $_action ${_tmpargs#${_af}\ }` > ;; > - "") ... > + # Process the last component if any. > + if [ -n "$_tmpargs}" ]; then > + case $_tmpargs in > + ${_af}\ *-*) > + ifalias_af_common_handler $_if $_af $_action \ > + `ifalias_expand_addr $_af $_action ${_tmpargs#${_af}\ }` > + ;; The "${_af}/ *-*" globbing pattern is too greedy. It matches - characters that are not part of the IP address specification. The example I found was "ifalias_af_common_handler igb1 inet -alias inet 192.168.34.45/20 fib 1 vhid 8 pass TtZeYgnyslwK6k6cItngoQAh1-E advskew 250". Note the "-" in the CARP password. This caused ifalias_af_common_handler to get stuck in an infinite recursive loop. In my case, the workaround was easy; I just used a CARP password with no "-". But I can imagine other situations that might trigger this same behavior, like "ifalias_af_common_handler igb1 inet 192.168.0.2/24 -group foo". It would be best if you tightened up the globbing pattern. -Alan