Date: Fri, 2 Jun 2006 13:16:30 +1000 (EST) From: Mark Andrews <Mark_Andrews@isc.org> To: FreeBSD-gnats-submit@FreeBSD.org Subject: bin/98349: ipfw does not display dynamic IPv6 rules [patch] Message-ID: <200606020316.k523GUGC044990@drugs.dv.isc.org> Resent-Message-ID: <200606020320.k523KEt4096564@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 98349 >Category: bin >Synopsis: ipfw does not display dynamic IPv6 rules [patch] >Confidential: no >Severity: serious >Priority: medium >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Fri Jun 02 03:20:14 GMT 2006 >Closed-Date: >Last-Modified: >Originator: Mark Andrews >Release: FreeBSD 6.1-PRERELEASE i386 >Organization: ISC >Environment: System: FreeBSD drugs.dv.isc.org 6.1-PRERELEASE FreeBSD 6.1-PRERELEASE #4: Fri Mar 24 10:55:39 EST 2006 marka@drugs.dv.isc.org:/usr/obj/usr/src/sys/DRUGS i386 >Description: ipfw does not display dynamic IPv6 rules >How-To-Repeat: Add a rule like this // support traceroute add 4500 set 1 pass udp from { me or me6 } to any keep-state out run traceroute6 to some destination. run "ipfw -d list" >Fix: --- /home/marka/ipfw2.c Fri Jun 2 13:11:11 2006 +++ ipfw2.c Fri Jun 2 13:03:39 2006 @@ -17,7 +17,7 @@ * * NEW command line interface for IP firewall facility * - * $FreeBSD: /repoman/r/ncvs/src/sbin/ipfw/ipfw2.c,v 1.76.2.6 2006/03/09 09:18:37 ume Exp $ + * $FreeBSD: src/sbin/ipfw/ipfw2.c,v 1.76.2.6 2006/03/09 09:18:37 ume Exp $ */ #include <sys/param.h> @@ -1931,6 +1931,7 @@ struct protoent *pe; struct in_addr a; uint16_t rulenum; + char buf[sizeof("xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:123.123.123.123")]; if (!do_expired) { if (!d->expire && !(d->dyn_type == O_LIMIT_PARENT)) @@ -1959,11 +1960,21 @@ else printf(" proto %u", d->id.proto); - a.s_addr = htonl(d->id.src_ip); - printf(" %s %d", inet_ntoa(a), d->id.src_port); - - a.s_addr = htonl(d->id.dst_ip); - printf(" <-> %s %d", inet_ntoa(a), d->id.dst_port); + if (d->id.addr_type == 4) { + a.s_addr = htonl(d->id.src_ip); + printf(" %s %d", inet_ntoa(a), d->id.src_port); + + a.s_addr = htonl(d->id.dst_ip); + printf(" <-> %s %d", inet_ntoa(a), d->id.dst_port); + } else if (d->id.addr_type == 6) { + printf(" %s %d", + inet_ntop(AF_INET6, &d->id.src_ip6, buf, sizeof(buf)), + d->id.src_port); + printf(" <-> %s %d", + inet_ntop(AF_INET6, &d->id.dst_ip6, buf, sizeof(buf)), + d->id.dst_port); + } else + printf("UNKNOWN <-> UNKNOWN"); printf("\n"); } >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200606020316.k523GUGC044990>