Date: Mon, 02 Apr 2007 22:37:19 -0400 From: Mike Tancsa <mike@sentex.net> To: JoaoBR <joao@matik.com.br>, freebsd-stable@freebsd.org Cc: julian@freebsd.org Subject: Re: ipfw add pipe broken in RELENG_6 Message-ID: <200704030239.l332dC89044128@lava.sentex.ca> In-Reply-To: <200704011107.22750.joao@matik.com.br> References: <200704011107.22750.joao@matik.com.br>
next in thread | previous in thread | raw e-mail | index | archive | help
At 10:07 AM 4/1/2007, JoaoBR wrote:
>it seems I can not add pipes with releng6 sources from the last days
>
>ipfw add pipe 1 ip from any to any
>ipfw: getsockopt(IP_FW_ADD): Invalid argument
I think this is whats needed in /usr/src/sbin/ipfw. Looking at the
diffs between HEAD and RELENG_6 (apart from the kernel nat stuff),
below seems to be whats different.
[smicro1U]# diff -u ipfw2.c.orig ipfw2.c
--- ipfw2.c.orig Mon Apr 2 22:28:33 2007
+++ ipfw2.c Mon Apr 2 22:30:45 2007
@@ -3973,11 +3973,9 @@
break;
case TOK_QUEUE:
- action->len = F_INSN_SIZE(ipfw_insn_pipe);
action->opcode = O_QUEUE;
goto chkarg;
case TOK_PIPE:
- action->len = F_INSN_SIZE(ipfw_insn_pipe);
action->opcode = O_PIPE;
goto chkarg;
case TOK_SKIPTO:
@@ -4043,11 +4041,13 @@
"illegal forwarding port ``%s''", s);
p->sa.sin_port = (u_short)i;
}
- lookup_host(*av, &(p->sa.sin_addr));
- }
+ if (_substrcmp(*av, "tablearg") == 0)
+ p->sa.sin_addr.s_addr = INADDR_ANY;
+ else
+ lookup_host(*av, &(p->sa.sin_addr));
ac--; av++;
break;
-
+ }
case TOK_COMMENT:
/* pretend it is a 'count' rule followed by the comment */
action->opcode = O_COUNT;
[smicro1U]#
The command seems to be getting tripped up in /usr/src/sys/netinet/ip_fw2.c
case O_QUEUE:
if (cmdlen != F_INSN_SIZE(ipfw_insn))
goto bad_size;
goto check_action;
where size=2 and cmdlen=1 on opcode=50
---Mike
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200704030239.l332dC89044128>