Date: Mon, 15 Sep 2003 07:12:30 -0700 From: Luigi Rizzo <luigi@FreeBSD.org> To: Maxim Konovalov <maxim@FreeBSD.org> Cc: cvs-all@FreeBSD.org Subject: Re: cvs commit: src/sbin/ipfw ipfw2.c Message-ID: <20030915071230.A79168@xorpc.icir.org> In-Reply-To: <20030915172004.M88599@news1.macomnet.ru>; from maxim@FreeBSD.org on Mon, Sep 15, 2003 at 05:34:38PM %2B0400 References: <200309151027.h8FAR3Xc012173@repoman.freebsd.org> <20030915172004.M88599@news1.macomnet.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Sep 15, 2003 at 05:34:38PM +0400, Maxim Konovalov wrote:
...
> > MFC (almost) of 3 bugs reported recently:
> > + fix aligmnent issues on 64-bit architectures (1.40);
> > + better argument checking when enabling/disabling ipfw-related
> > sysctl variables (1.39)
> > + fix handling of foo/0 as an alias for "any";
> -----^^^^^^^^^^^^^^^^^^^^^^^
>
> This bug is not fixed in -current yet.
yes i explicitly mentioned that to re@ (and the fact that
it was urgent to commit it in RELENG_4 before 4.9)
> And a lot others:
ok, error handling is terribly weak, i know.
Basically, all the cases below are errors -- "any" in an
address list makes the entire list useless, "not any" never
matches and so should never appear in an ipfw command.
feel free to commit fixes to this part.
cheers
luigi
> # ipfw -n add count all from any to not any
> 00000 count ip from any to any
>
> # ipfw -n add count all from not any to any
> 00000 count ip from any to any
>
> # ipfw -n add count all from any to { 1.1.1.1/1 or not any }
> 00000 count ip from any to { 0.0.0.0/1 or
>
> # ipfw -n add count all from any to { 1.1.1.1/1 or any }
> 00000 count ip from any to { 0.0.0.0/1 or
>
> # ipfw -n add count all from any to { 1.1.1.1/1 or 0.0.0.0/0 }
> 00000 count ip from any to { 0.0.0.0/1 or
>
> and so on.
>
> --
> Maxim Konovalov, maxim@macomnet.ru, maxim@FreeBSD.org
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030915071230.A79168>