Date: Sat, 13 Dec 2003 21:47:07 +0300 (MSK) From: Maxim Konovalov <maxim@macomnet.ru> To: Nate Grey <NateBSD@yahoo.it> Cc: net@freebsd.org Subject: Re: Fwd: 5.2-RC + ipfw Message-ID: <20031213214424.E42015@news1.macomnet.ru> In-Reply-To: <200312131149.44582.NateBSD@yahoo.it> References: <200312131149.44582.NateBSD@yahoo.it>
next in thread | previous in thread | raw e-mail | index | archive | help
[ CC: Luigi ]
On Sat, 13 Dec 2003, 11:49-0000, Nate Grey wrote:
> Hello,
>
> on 5.2-RC I get this error from ipfw:
>
> ipfw in free(): error: modified (chunk -) pointer
> Aboirt trap (core dumped)
>
> examining my firewall script I noticed that error occurs when ipfw try to
> load this rules
>
> fwcmd="/sbin/ipfw -q/"
> ${fwcmd} add 310 set 1 deny ip from $bad_guys to any in recv ep0
> ${fwcmd} add 310 set 2 deny ip from any to $bad_guys out via ep0
>
> badguys are:
>
> bad_guys="(\
> 127.0.0.0/8 or \
> 192.168.0.1/16 or \
> 10.0.0.0/8 or \
> 172.16.0.0/12 or \
> 0.0.0.0/8 or \
> 169.254.0.0/16 or \
> 192.0.2.0/24 or \
> 224.0.0.0/4 \
> )"
>
> anyway, according to `ipfw sh` output the rules are loaded.
Please try an enclosed patch or put a whitespace right after the '('
before '\'.
Index: ipfw2.c
===================================================================
RCS file: /home/ncvs/src/sbin/ipfw/ipfw2.c,v
retrieving revision 1.42
diff -u -r1.42 ipfw2.c
--- ipfw2.c 31 Oct 2003 18:31:55 -0000 1.42
+++ ipfw2.c 13 Dec 2003 18:42:18 -0000
@@ -2901,15 +2901,14 @@
goto done;
#define OR_START(target) \
- if (ac && (*av[0] == '(' || *av[0] == '{')) { \
+ if (ac && ( \
+ !strncmp(*av, "(", strlen(*av)) || \
+ !strncmp(*av, "{", strlen(*av)) )) { \
if (open_par) \
errx(EX_USAGE, "nested \"(\" not allowed\n"); \
prev = NULL; \
open_par = 1; \
- if ( (av[0])[1] == '\0') { \
- ac--; av++; \
- } else \
- (*av)++; \
+ ac--; av++; \
} \
target: \
%%%
--
Maxim Konovalov, maxim@macomnet.ru, maxim@FreeBSD.org
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20031213214424.E42015>