From owner-freebsd-ipfw@FreeBSD.ORG Mon Feb 18 18:45:44 2008 Return-Path: Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id C20F316A46E for ; Mon, 18 Feb 2008 18:45:44 +0000 (UTC) (envelope-from julian@elischer.org) Received: from outK.internet-mail-service.net (outK.internet-mail-service.net [216.240.47.234]) by mx1.freebsd.org (Postfix) with ESMTP id 73F6B13C4EB for ; Mon, 18 Feb 2008 18:45:44 +0000 (UTC) (envelope-from julian@elischer.org) Received: from mx0.idiom.com (HELO idiom.com) (216.240.32.160) by out.internet-mail-service.net (qpsmtpd/0.40) with ESMTP; Mon, 18 Feb 2008 10:32:26 -0800 Received: from julian-mac.elischer.org (localhost [127.0.0.1]) by idiom.com (Postfix) with ESMTP id 1C918127296; Mon, 18 Feb 2008 10:32:26 -0800 (PST) Message-ID: <47B9CF40.1050904@elischer.org> Date: Mon, 18 Feb 2008 10:32:32 -0800 From: Julian Elischer User-Agent: Thunderbird 2.0.0.9 (Macintosh/20071031) MIME-Version: 1.0 To: Vadim Goncharov References: In-Reply-To: Content-Type: text/plain; charset=KOI8-R; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-ipfw@freebsd.org, Eugene Grosbein , bug-followup@freebsd.org Subject: Re: bin/120720: [patch] [ipfw] unbreak POLA for ipfw table list X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 18 Feb 2008 18:45:44 -0000 Vadim Goncharov wrote: > In-Reply-To: <200802151642.m1FGgGfQ002038@grosbein.pp.ru> > References: <200802151642.m1FGgGfQ002038@grosbein.pp.ru> > > Hi Eugene Grosbein! > > On Fri, 15 Feb 2008 23:42:16 +0700 (KRAT); Eugene Grosbein > wrote: > >> The command "ipfw table 1 list" used to format table values >> associated with network addresses as 32-bit unsigned integers >> until 6.3-RELEASE. Since 6.3-RELEASE, it interprets values >> that are greater than 65535 as IP-addresses. > >> This change breaks many existing applications that expect the format >> to be an integer, as it used to be since RELENG_4. >> This change is not even documented. So, it breaks POLA and should be >> corrected. > >>> How-To-Repeat: > >> ipfw table 1 add 1.1.1.1 $(date +%s) >> ipfw table 1 list > >> This used to show something like "1.1.1.1/32 1203093427" before change >> but now it shows something like "1.1.1.1/32 71.181.191.179" instead. > > Confirming. This breaks UNIX-time using scripts for many systems and was > introduced by ``ipfw fwd tablearg'' handling commit to 6.2-STABLE in May > 2007. > > POLA should be unbroken as far as possible. that was me.. It is my memory that before that time tableargs were only used in 16 bit form. there were no users in ipfw of the full 32 bit field. I did not consider that someone would put a 32 bit number in there just to print it out again. (what would you do that for?) It shows that even if you were involved in writing code you can never predict what your users will do with it. I'll add an argument to force the interpretation.