Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 02 Apr 2007 23:56:54 -0700
From:      Julian Elischer <julian@elischer.org>
To:        Mike Tancsa <mike@sentex.net>
Cc:        julian@freebsd.org, freebsd-stable@freebsd.org, JoaoBR <joao@matik.com.br>
Subject:   Re: ipfw add pipe broken in RELENG_6
Message-ID:  <4611FAB6.4090201@elischer.org>
In-Reply-To: <200704030239.l332dC89044128@lava.sentex.ca>
References:  <200704011107.22750.joao@matik.com.br> <200704030239.l332dC89044128@lava.sentex.ca>
next in thread | previous in thread | raw e-mail | index | archive | help 
Mike Tancsa wrote:
> At 10:07 AM 4/1/2007, JoaoBR wrote:
> 
>> it seems I can not add pipes with releng6 sources from the last days
>>
>> ipfw add pipe 1 ip from any to any
>> ipfw: getsockopt(IP_FW_ADD): Invalid argument
> 
> I think this is whats needed in /usr/src/sbin/ipfw.  Looking at the 
> diffs between HEAD and RELENG_6 (apart from the kernel nat stuff), below 
> seems to be whats different.

somewhere between my MFC testing and the commits there seems to have been a 
screwup.
I think it happenned because I reverted a MFC out of my list of MFC's to do after
I had done some tests because they causled a failure and I hadn't realised that
they affected this code too.

I'm doing testing now and should be able to confirm this in a short while.



> 
> 
> [smicro1U]# diff -u ipfw2.c.orig ipfw2.c
> --- ipfw2.c.orig        Mon Apr  2 22:28:33 2007
> +++ ipfw2.c     Mon Apr  2 22:30:45 2007
> @@ -3973,11 +3973,9 @@
>                 break;
> 
>         case TOK_QUEUE:
> -               action->len = F_INSN_SIZE(ipfw_insn_pipe);
>                 action->opcode = O_QUEUE;
>                 goto chkarg;
>         case TOK_PIPE:
> -               action->len = F_INSN_SIZE(ipfw_insn_pipe);
>                 action->opcode = O_PIPE;
>                 goto chkarg;
>         case TOK_SKIPTO:
> @@ -4043,11 +4041,13 @@
>                                     "illegal forwarding port ``%s''", s);
>                         p->sa.sin_port = (u_short)i;
>                 }
> -               lookup_host(*av, &(p->sa.sin_addr));
> -               }
> +               if (_substrcmp(*av, "tablearg") == 0)
> +                       p->sa.sin_addr.s_addr = INADDR_ANY;
> +               else
> +                       lookup_host(*av, &(p->sa.sin_addr));
>                 ac--; av++;
>                 break;
> -
> +            }
>         case TOK_COMMENT:
>                 /* pretend it is a 'count' rule followed by the comment */
>                 action->opcode = O_COUNT;
> [smicro1U]#
> 
> 
> 
> The command seems to be getting tripped up in /usr/src/sys/netinet/ip_fw2.c
> 
>                 case O_QUEUE:
>                         if (cmdlen != F_INSN_SIZE(ipfw_insn))
>                                 goto bad_size;
>                         goto check_action;
> 
> where size=2 and cmdlen=1 on opcode=50
> 
>         ---Mike

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4611FAB6.4090201>