From owner-freebsd-ipfw@FreeBSD.ORG Sun Aug 23 14:06:03 2009 Return-Path: Delivered-To: freebsd-ipfw@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id C760D106564A for ; Sun, 23 Aug 2009 14:06:03 +0000 (UTC) (envelope-from lars.eggert@nokia.com) Received: from mail.fit.nokia.com (mail.fit.nokia.com [195.148.124.195]) by mx1.freebsd.org (Postfix) with ESMTP id 513D88FC0A for ; Sun, 23 Aug 2009 14:06:02 +0000 (UTC) Received: from [IPv6:2001:14b8:18f::225:ff:fe45:eccf] ([IPv6:2001:14b8:18f:0:225:ff:fe45:eccf]) (authenticated bits=0) by mail.fit.nokia.com (8.14.3/8.14.3) with ESMTP id n7NDrei6054966 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NOT); Sun, 23 Aug 2009 16:53:42 +0300 (EEST) (envelope-from lars.eggert@nokia.com) Message-Id: <67526C6C-7C00-4D0F-A987-B9AA42868E59@nokia.com> From: Lars Eggert To: Willem Jan Withagen In-Reply-To: <4A8FD99F.1050406@digiware.nl> Content-Type: multipart/signed; boundary=Apple-Mail-7--2008002; micalg=sha1; protocol="application/pkcs7-signature" Mime-Version: 1.0 (Apple Message framework v936) Date: Sun, 23 Aug 2009 16:53:35 +0300 References: <200908220010.n7M0A419071352@freefall.freebsd.org> <4A8FD99F.1050406@digiware.nl> X-Mailer: Apple Mail (2.936) X-Spam-Status: No, score=-102.6 required=5.0 tests=AWL,BAYES_00,NO_RELAYS, TW_PF,USER_IN_WHITELIST autolearn=ham version=3.2.5 X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on fit.nokia.com X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: "freebsd-ipfw@FreeBSD.org" Subject: Re: bin/117214: ipfw(8) fwd with IPv6 treats input as IPv4 X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 23 Aug 2009 14:06:03 -0000 --Apple-Mail-7--2008002 Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes Content-Transfer-Encoding: 7bit Well, one pretty simple (and not always correct) fix would be to assume that if an address has more than 1 colon, it's IPv6. The correct fix is to generate a small flex parser. Lars On 2009-8-22, at 14:42, Willem Jan Withagen wrote: > Lars Eggert wrote: >> The following reply was made to PR bin/117214; it has been noted by >> GNATS. >> >> From: Lars Eggert >> To: bug-followup@FreeBSD.org, fabian@wenks.ch >> Cc: >> Subject: Re: bin/117214: ipfw(8) fwd with IPv6 treats input as IPv4 >> Date: Sat, 22 Aug 2009 02:27:44 +0300 >> >> I still see this on 7.2-STABLE: >> >> [root@fit: ~] uname -a >> FreeBSD fit.nokia.com 7.2-STABLE FreeBSD 7.2-STABLE #18: Fri Jun 26 >> 15:43:17 EEST 2009 root@fit.nokia.com:/usr/obj/usr/src/sys/FIT >> i386 >> >> [root@fit: ~] ipfw add 64010 fwd 2001:2060:40:1::1 ip6 from >> 2001:2060:40:1::123,2001:2060:40:1::124 to not >> 2001:0708:0040:fff2::1/64 out >> 64010 fwd 0.0.7.209,2060 ip6 from >> 2001:2060:40:1::123,2001:2060:40:1::124 to not >> 2001:708:40:fff2::/64 out >> >> [root@fit: ~] ipfw show 64010 >> 64010 0 0 fwd 0.0.7.209,2060 ip6 from >> 2001:2060:40:1::123,2001:2060:40:1::124 to not >> 2001:708:40:fff2::/64 out > > The trouble is with the :'s and the fact that parsing doen't really > take > care of multiple :'s. > What I considering is changing it in such a way that one is allowed to > specify ipv6 adresses as [a:bc::d] just like it works in firefox (and > other places) > > Question then is do we use [a:bc::d]/48:53 or [a:bc::d/48]:53? > > --WjW --Apple-Mail-7--2008002--