bin/97194: [patch] [ipfw] ipfw does not correctly list dynamic IPv6
rules
Martin Birgmeier
martin at email.aon.at
Sat May 13 07:50:15 UTC 2006
>Number: 97194
>Category: bin
>Synopsis: [patch] [ipfw] ipfw does not correctly list dynamic IPv6 rules
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Sat May 13 07:50:13 GMT 2006
>Closed-Date:
>Last-Modified:
>Originator: Martin Birgmeier
>Release: FreeBSD 6.1-RELEASE i386
>Organization:
MBi at home
>Environment:
System: FreeBSD gandalf.xyzzy 6.1-RELEASE FreeBSD 6.1-RELEASE #0: Thu May 11 21:56:57 CEST 2006 root at marvin.xyzzy:/usr/VOL/OBJ/FreeBSD/RELENG_6_1_0_RELEASE/src/sys/GANDALF i386
>Description:
/sbin/ipfw always assumes IPv4 addresses when listing dynamic
firewall rules. IPv6 addresses are shown as 0.0.0.0.
>How-To-Repeat:
Create Internet traffic such that dynamic IPv6 rules are established.
Then list those rules using, e.g., "ipfw -d show". Dynamic IPv6
rules will be shown incorrectly.
>Fix:
*** sbin/ipfw/ipfw2.c.ORIG Thu Mar 9 10:18:37 2006
--- sbin/ipfw/ipfw2.c Sat May 13 09:26:46 2006
***************
*** 1959,1969 ****
else
printf(" proto %u", d->id.proto);
! a.s_addr = htonl(d->id.src_ip);
! printf(" %s %d", inet_ntoa(a), d->id.src_port);
! a.s_addr = htonl(d->id.dst_ip);
! printf(" <-> %s %d", inet_ntoa(a), d->id.dst_port);
printf("\n");
}
--- 1959,1981 ----
else
printf(" proto %u", d->id.proto);
! if (IS_IP6_FLOW_ID(&(d->id))) {
! char buff[255];
! /* XXX no error checking */
! inet_ntop(AF_INET6, &(d->id.src_ip6), buff, sizeof(buff));
! printf(" %s %d", buff, d->id.src_port);
!
! /* XXX no error checking */
! inet_ntop(AF_INET6, &(d->id.dst_ip6), buff, sizeof(buff));
! printf(" <-> %s %d", buff, d->id.dst_port);
! } else {
! a.s_addr = htonl(d->id.src_ip);
! printf(" %s %d", inet_ntoa(a), d->id.src_port);
!
! a.s_addr = htonl(d->id.dst_ip);
! printf(" <-> %s %d", inet_ntoa(a), d->id.dst_port);
! }
printf("\n");
}
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-bugs
mailing list