bin/68785: Incorrect parsing of 0.0.0.0/0 as 'me' in ipfw(8) (fwd)
Nicolas Dehaine
nicko at stbernard.com
Wed Jul 7 14:20:24 PDT 2004
>Number: 68785
>Category: bin
>Synopsis: Incorrect parsing of 0.0.0.0/0 as 'me' in ipfw(8)
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Wed Jul 07 21:20:23 GMT 2004
>Closed-Date:
>Last-Modified:
>Originator: Nicolas Dehaine
>Release: FreeBSD 5.2.1-RELEASE i386
>Organization:
St Bernard
>Environment:
System: FreeBSD nks 5.2.1-RELEASE FreeBSD 5.2.1-RELEASE #0: Tue Apr 20 15:49:16 PDT 2004 root at nks:/usr/src/sys/i386/compile/KERNEL i386
>Description:
ipfw(8) parses 0.0.0.0/0 as "me" instead of "any" when adding a forward rule
>How-To-Repeat:
/sbin/ipfw "add fwd 127.0.0.1,80 tcp from 0.0.0.0/0 to 0.0.0.0/0 dst-port 80 in via fxp1"
00100 fwd 127.0.0.1 tcp from me to me dst-port 80 in via fxp1
>Fix:
The following works for me :
Index: ipfw2.c
===================================================================
RCS file: /usr/cvsroot/freebsd5/src/sbin/ipfw/ipfw2.c,v
retrieving revision 1.1.1.2
diff -c -r1.1.1.2 ipfw2.c
*** ipfw2.c 18 Mar 2004 02:10:47 -0000 1.1.1.2
--- ipfw2.c 7 Jul 2004 16:51:12 -0000
***************
*** 2040,2045 ****
--- 2040,2048 ----
if (av == NULL && len == 0) /* only this entry */
errx(EX_DATAERR, "not any never matches");
}
+ /* if x.x.x.x/0 is the only entry, return any */
+ if (av == NULL && len == 0) /* only this entry */
+ return;
/* else do nothing and skip this entry */
continue;
}
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-bugs
mailing list