Date: Fri, 18 Sep 2015 17:29:25 +0000 (UTC) From: "Alexander V. Chernikov" <melifaro@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-10@freebsd.org Subject: svn commit: r287963 - in stable/10: sbin/ipfw sys/netinet sys/netpfil/ipfw Message-ID: <201509181729.t8IHTPa7076880@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: melifaro Date: Fri Sep 18 17:29:24 2015 New Revision: 287963 URL: https://svnweb.freebsd.org/changeset/base/287963 Log: MFC r266310 Fix wrong formatting of 0.0.0.0/X table records in ipfw(8). Add `flags` u16 field to the hole in ipfw_table_xentry structure. Kernel has been guessing address family for supplied record based on xent length size. Userland, however, has been getting fixed-size ipfw_table_xentry structures guessing address family by checking address by IN6_IS_ADDR_V4COMPAT(). Fix this behavior by providing specific IPFW_TCF_INET flag for IPv4 records. PR: bin/189471,kern/200169 Modified: stable/10/sbin/ipfw/ipfw2.c stable/10/sys/netinet/ip_fw.h stable/10/sys/netpfil/ipfw/ip_fw_table.c Directory Properties: stable/10/ (props changed) Modified: stable/10/sbin/ipfw/ipfw2.c ============================================================================== --- stable/10/sbin/ipfw/ipfw2.c Fri Sep 18 17:17:40 2015 (r287962) +++ stable/10/sbin/ipfw/ipfw2.c Fri Sep 18 17:29:24 2015 (r287963) @@ -4389,7 +4389,7 @@ table_list(uint16_t num, int need_header addr6 = &xent->k.addr6; - if (IN6_IS_ADDR_V4COMPAT(addr6)) { + if ((xent->flags & IPFW_TCF_INET) != 0) { /* IPv4 address */ inet_ntop(AF_INET, &addr6->s6_addr32[3], tbuf, sizeof(tbuf)); } else { Modified: stable/10/sys/netinet/ip_fw.h ============================================================================== --- stable/10/sys/netinet/ip_fw.h Fri Sep 18 17:17:40 2015 (r287962) +++ stable/10/sys/netinet/ip_fw.h Fri Sep 18 17:29:24 2015 (r287963) @@ -614,6 +614,7 @@ typedef struct _ipfw_table_xentry { uint8_t type; /* entry type */ uint8_t masklen; /* mask length */ uint16_t tbl; /* table number */ + uint16_t flags; /* record flags */ uint32_t value; /* value */ union { /* Longest field needs to be aligned by 4-byte boundary */ @@ -621,6 +622,7 @@ typedef struct _ipfw_table_xentry { char iface[IF_NAMESIZE]; /* interface name */ } k; } ipfw_table_xentry; +#define IPFW_TCF_INET 0x01 /* CIDR flags: IPv4 record */ typedef struct _ipfw_table { u_int32_t size; /* size of entries in bytes */ Modified: stable/10/sys/netpfil/ipfw/ip_fw_table.c ============================================================================== --- stable/10/sys/netpfil/ipfw/ip_fw_table.c Fri Sep 18 17:17:40 2015 (r287962) +++ stable/10/sys/netpfil/ipfw/ip_fw_table.c Fri Sep 18 17:29:24 2015 (r287963) @@ -697,6 +697,7 @@ dump_table_xentry_base(struct radix_node xent->masklen = 33 - ffs(ntohl(n->mask.sin_addr.s_addr)); /* Save IPv4 address as deprecated IPv6 compatible */ xent->k.addr6.s6_addr32[3] = n->addr.sin_addr.s_addr; + xent->flags = IPFW_TCF_INET; xent->value = n->value; tbl->cnt++; return (0);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201509181729.t8IHTPa7076880>