Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 25 Nov 2013 15:30:26 +1100 (EST)
From:      Ian Smith <smithi@nimnet.asn.au>
To:        "Alexander V. Chernikov" <melifaro@freebsd.org>
Cc:        freebsd-ipfw <freebsd-ipfw@freebsd.org>, Luigi Rizzo <rizzo@iet.unipi.it>, freebsd-stable <freebsd-stable@freebsd.org>
Subject:   Re: ipfw table add problem
Message-ID:  <20131125152238.S78756@sola.nimnet.asn.au>
In-Reply-To: <529259DE.2040701@FreeBSD.org>
References:  <CAAcX-AGDZbFn5RmhLBBn2PPWRPcsFUnea5MgTc7nuXGD8Ge53A@mail.gmail.com> <52911993.8010108@ipfw.ru> <CAAcX-AEt_i8RUfmMy6WLnER0X=uLk5A1=oj911k-nyMJEghRLw@mail.gmail.com> <529259DE.2040701@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help 
On Sun, 24 Nov 2013 23:56:14 +0400, Alexander V. Chernikov wrote:
 > On 24.11.2013 19:43, Özkan KIRIK wrote:
 > > Hi,
 > > 
 > > I tested patch. This patch solves, ipfw table 1 add 4899
 > Ok. So I'll commit this fix soon.
 > > 
 > > But, ipfw table 1 add 10.2.3.01 works incorrectly.
 > > output is below.
 > > # ./ipfw table 1 flush
 > > # ./ipfw table 1 add 10.2.3.01
 > inet_pton() does not recognize this as valid IPv4 address, so it is
 > treated as usigned unteger key. It looks like this behavior is mentioned
 > in STANDARDS section.
 > > # ./ipfw table 1 list
 > > 0.0.0.10/32 0

I'm wondering if "so don't do that" is really sufficient to deal with 
this?  If it's not recognised as a valid address, shouldn't it fail to 
add anything, with a complaint?  I don't see how a string containing 
dots can be seen as a valid unsigned integer?

cheers, Ian
From owner-freebsd-ipfw@FreeBSD.ORG  Mon Nov 25 11:06:51 2013
Return-Path: <owner-freebsd-ipfw@FreeBSD.ORG>
Delivered-To: freebsd-ipfw@FreeBSD.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id ED52155F
 for <freebsd-ipfw@FreeBSD.org>; Mon, 25 Nov 2013 11:06:50 +0000 (UTC)
Received: from freefall.freebsd.org (freefall.freebsd.org
 [IPv6:2001:1900:2254:206c::16:87])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by mx1.freebsd.org (Postfix) with ESMTPS id DC21B2F49
 for <freebsd-ipfw@FreeBSD.org>; Mon, 25 Nov 2013 11:06:50 +0000 (UTC)
Received: from freefall.freebsd.org (localhost [127.0.0.1])
 by freefall.freebsd.org (8.14.7/8.14.7) with ESMTP id rAPB6oQd089887
 for <freebsd-ipfw@FreeBSD.org>; Mon, 25 Nov 2013 11:06:50 GMT
 (envelope-from owner-bugmaster@FreeBSD.org)
Received: (from gnats@localhost)
 by freefall.freebsd.org (8.14.7/8.14.7/Submit) id rAPB6oF4089885
 for freebsd-ipfw@FreeBSD.org; Mon, 25 Nov 2013 11:06:50 GMT
 (envelope-from owner-bugmaster@FreeBSD.org)
Date: Mon, 25 Nov 2013 11:06:50 GMT
Message-Id: <201311251106.rAPB6oF4089885@freefall.freebsd.org>
X-Authentication-Warning: freefall.freebsd.org: gnats set sender to
 owner-bugmaster@FreeBSD.org using -f
From: FreeBSD bugmaster <bugmaster@freebsd.org>
To: freebsd-ipfw@FreeBSD.org
Subject: Current problem reports assigned to freebsd-ipfw@FreeBSD.org
X-BeenThere: freebsd-ipfw@freebsd.org
X-Mailman-Version: 2.1.16
Precedence: list
List-Id: IPFW Technical Discussions <freebsd-ipfw.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-ipfw>,
 <mailto:freebsd-ipfw-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ipfw/>;
List-Post: <mailto:freebsd-ipfw@freebsd.org>
List-Help: <mailto:freebsd-ipfw-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw>,
 <mailto:freebsd-ipfw-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 25 Nov 2013 11:06:51 -0000

Note: to view an individual PR, use:
  http://www.freebsd.org/cgi/query-pr.cgi?pr=(number).

The following is a listing of current problems submitted by FreeBSD users.
These represent problem reports covering all versions including
experimental development code and obsolete releases.


S Tracker      Resp.      Description
--------------------------------------------------------------------------------
o kern/180731  ipfw       [ipfw] problem with displaying 255.255.255.255 address
o kern/180729  ipfw       [ipfw] ipfw nat show empty output
o kern/178482  ipfw       [ipfw] logging problem from vnet jail
o kern/178480  ipfw       [ipfw] dynamically loaded ipfw with a vimage kernel do
o kern/178317  ipfw       [ipfw] ipfw options need to specifed in specific order
o kern/177948  ipfw       [ipfw] ipfw fails to parse port ranges (p1-p2) for udp
o kern/176503  ipfw       [ipfw] ipfw layer2 problem
o conf/167822  ipfw       [ipfw] [patch] start script doesn't load firewall_type
o kern/166406  ipfw       [ipfw] ipfw does not set ALTQ identifier for ipv6 traf
o kern/165939  ipfw       [ipfw] bug: incomplete firewall rules loaded if tables
o kern/165190  ipfw       [ipfw] [lo] [patch] loopback interface is not marking 
o kern/158066  ipfw       [ipfw] ipfw + netgraph + multicast = multicast packets
o kern/157689  ipfw       [ipfw] ipfw nat config does not accept nonexistent int
f kern/155927  ipfw       [ipfw] ipfw stops to check packets for compliance with
o bin/153252   ipfw       [ipfw][patch] ipfw lockdown system in subsequent call 
o kern/153161  ipfw       [ipfw] does not support specifying rules with ICMP cod
o kern/148827  ipfw       [ipfw] divert broken with in-kernel ipfw
o kern/148430  ipfw       [ipfw] IPFW schedule delete broken.
o kern/148091  ipfw       [ipfw] ipfw ipv6 handling broken.
f kern/143973  ipfw       [ipfw] [panic] ipfw forward option causes kernel reboo
o kern/143621  ipfw       [ipfw] [dummynet] [patch] dummynet and vnet use result
o kern/137346  ipfw       [ipfw] ipfw nat redirect_proto is broken
o kern/137232  ipfw       [ipfw] parser troubles
o kern/129036  ipfw       [ipfw] 'ipfw fwd' does not change outgoing interface n
o kern/127230  ipfw       [ipfw] [patch] Feature request to add UID and/or GID l
f kern/122963  ipfw       [ipfw] tcpdump does not show packets redirected by 'ip
s kern/121807  ipfw       [request] TCP and UDP port_table in ipfw
o kern/116009  ipfw       [ipfw] [patch] Ignore errors when loading ruleset from
o kern/104682  ipfw       [ipfw] [patch] Some minor language consistency fixes a
o kern/103454  ipfw       [ipfw] [patch] [request] add a facility to modify DF b
o kern/103328  ipfw       [ipfw] [request] sugestions about ipfw table
o kern/97951   ipfw       [ipfw] [patch] ipfw does not tie interface details to 
o kern/95084   ipfw       [ipfw] [regression] [patch] IPFW2 ignores "recv/xmit/v
o kern/86957   ipfw       [ipfw] [patch] ipfw mac logging
o bin/83046    ipfw       [ipfw] ipfw2 error: "setup" is allowed for icmp, but s
o kern/82724   ipfw       [ipfw] [patch] [request] Add setnexthop and defaultrou
o bin/78785    ipfw       [patch] ipfw(8) verbosity locks machine if /etc/rc.fir
o kern/60719   ipfw       [ipfw] Headerless fragments generate cryptic error mes
s kern/55984   ipfw       [ipfw] [patch] time based firewalling support for ipfw
o kern/48172   ipfw       [ipfw] [patch] ipfw does not log size and flags
o kern/46159   ipfw       [ipfw] [patch] [request] ipfw dynamic rules lifetime f
a kern/26534   ipfw       [ipfw] Add an option to ipfw to log gid/uid of who cau

42 problems total.

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20131125152238.S78756>