cvs commit: src/sbin/ipfw ipfw2.c
Luigi Rizzo
luigi at FreeBSD.org
Mon Sep 15 07:12:33 PDT 2003
On Mon, Sep 15, 2003 at 05:34:38PM +0400, Maxim Konovalov wrote:
...
> > MFC (almost) of 3 bugs reported recently:
> > + fix aligmnent issues on 64-bit architectures (1.40);
> > + better argument checking when enabling/disabling ipfw-related
> > sysctl variables (1.39)
> > + fix handling of foo/0 as an alias for "any";
> -----^^^^^^^^^^^^^^^^^^^^^^^
>
> This bug is not fixed in -current yet.
yes i explicitly mentioned that to re@ (and the fact that
it was urgent to commit it in RELENG_4 before 4.9)
> And a lot others:
ok, error handling is terribly weak, i know.
Basically, all the cases below are errors -- "any" in an
address list makes the entire list useless, "not any" never
matches and so should never appear in an ipfw command.
feel free to commit fixes to this part.
cheers
luigi
> # ipfw -n add count all from any to not any
> 00000 count ip from any to any
>
> # ipfw -n add count all from not any to any
> 00000 count ip from any to any
>
> # ipfw -n add count all from any to { 1.1.1.1/1 or not any }
> 00000 count ip from any to { 0.0.0.0/1 or
>
> # ipfw -n add count all from any to { 1.1.1.1/1 or any }
> 00000 count ip from any to { 0.0.0.0/1 or
>
> # ipfw -n add count all from any to { 1.1.1.1/1 or 0.0.0.0/0 }
> 00000 count ip from any to { 0.0.0.0/1 or
>
> and so on.
>
> --
> Maxim Konovalov, maxim at macomnet.ru, maxim at FreeBSD.org
More information about the cvs-src
mailing list