[PATCH] deprecating abrevations in ipfw
Chuck Swiger
cswiger at mac.com
Fri Jan 7 04:32:00 PST 2005
Brooks Davis wrote:
> The ipfw program's code is littered with unmaintainable uses of strncmp
> to implement abbreviations. The following patch replaces those with
> two new functions which simplify the code and produce warnings that the
> syntax is deprecated. In a future release, those can be converted to
> hard errors and then finally the code can revert to using strcmp. The
> intention is to explicitly support a small number of abbreviations that
> actually make sense rather then allowing arbitrary shortening of some
> words.
Excellent, thanks for working on this. For what it's worth, about 95% of this
diff applied OK with an offset under 5-STABLE; but two pieces around:
***************
*** 1715,1736 ****
if (ac == 0) {
warnx("missing keyword to enable/disable\n");
- } else if (strncmp(*av, "firewall", strlen(*av)) == 0) {
[ ... ]
...and:
***************
*** 2991,2997 ****
have_log = (ipfw_insn *)c;
cmd->len = F_INSN_SIZE(ipfw_insn_log);
cmd->opcode = O_LOG;
- if (ac && !strncmp(*av, "logamount", strlen(*av))) {
ac--; av++;
...needed manual adjustment. The resulting ipfw binary seems to work OK with
a simple client-oriented ruleset, but I haven't pushed it very hard yet.
Also, at the end of your message there was a unrelated diff...?
> ==== //depot/user/brooks/ports/slimserver/Makefile#20 - /home/brooks/working/freebsd/p4/ports/slimserver/Makefile ====
> @@ -26,7 +26,7 @@
> RUN_DEPENDS+= ${SLIM_CPAN_DEPS:S|^|${SITE_PERL}/|:S|:|:${PORTSDIR}/|}
[ ... ]
--
-Chuck
More information about the freebsd-ipfw
mailing list