Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 16 Apr 2008 19:47:53 -0700
From:      Julian Elischer <julian@elischer.org>
To:        FreeBSD Net <freebsd-net@freebsd.org>, Luigi Rizzo <rizzo@icir.org>,  ipfw@freebsd.org
Subject:   addition to ipfw table..
Message-ID:  <4806BA59.4030106@elischer.org>
next in thread | raw e-mail | index | archive | help 
This is a multi-part message in MIME format.
--------------090907080703050903020505
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit

this change allows one to type

ipfw table 2 add 1.1.1.1:255.255.255.0 0
in addition to the currently acceptable 1.1.1.1/24 0

The reason is that some programs supply the netmask in
that (mask) form and a shell script trying to add it to a table
has a hard time converting it to the currently acceptable form
(the latter).

I do know it won't handle non contiguous masks well but as the
ipfw ABI code only accepts a network mask length instead of a
mask, there's not much that can be done.
I may suggest a later fix for that but it will break the ABI.

comments?




--------------090907080703050903020505
Content-Type: text/plain; x-mac-type="0"; x-mac-creator="0"; name="ipfw.diff"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline;
 filename="ipfw.diff"

Index: ipfw2.c
===================================================================
RCS file: /usr/local/cvsroot/freebsd/src/sbin/ipfw/ipfw2.c,v
retrieving revision 1.118
diff -d -u -r1.118 ipfw2.c
--- ipfw2.c	27 Feb 2008 13:52:33 -0000	1.118
+++ ipfw2.c	17 Apr 2008 02:46:34 -0000
@@ -5856,8 +5856,22 @@
 			ent.masklen = atoi(p);
 			if (ent.masklen > 32)
 				errx(EX_DATAERR, "bad width ``%s''", p);
-		} else
-			ent.masklen = 32;
+		} else {
+			p = strchr(*av, ':');
+ 			if (p) {
+				u_int32_t tempint;
+				*p++ = '\0';
+				if (!inet_aton(p, (struct in_addr *)&tempint ))
+					errx(EX_DATAERR,
+					    "bad netmask ``%s''", p);
+				if (tempint)
+					ent.masklen =
+					    33 - ffs((~ntohl(tempint)) + 1);
+				else
+					ent.masklen = 0;
+			} else
+				ent.masklen = 32;
+		}
 		if (lookup_host(*av, (struct in_addr *)&ent.addr) != 0)
 			errx(EX_NOHOST, "hostname ``%s'' unknown", *av);
 		ac--; av++;

--------------090907080703050903020505--

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4806BA59.4030106>