bin/120720: [patch] [ipfw] unbreak POLA for ipfw table list
vadim_nuclight at mail.ru
Mon Feb 18 00:50:03 PST 2008
The following reply was made to PR bin/120720; it has been noted by GNATS.
From: "Vadim Goncharov" <vadim_nuclight at mail.ru>
To: "Eugene Grosbein" <eugen at kuzbass.ru>
Cc: bug-followup at freebsd.org, freebsd-ipfw at freebsd.org
Subject: Re: bin/120720: [patch] [ipfw] unbreak POLA for ipfw table list
Date: Mon, 18 Feb 2008 12:47:43 +0600
In-Reply-To: <200802151642.m1FGgGfQ002038 at grosbein.pp.ru>
References: <200802151642.m1FGgGfQ002038 at grosbein.pp.ru>
Hi Eugene Grosbein!
On Fri, 15 Feb 2008 23:42:16 +0700 (KRAT); Eugene Grosbein
<eugen at kuzbass.ru> wrote:
> The command "ipfw table 1 list" used to format table values
> associated with network addresses as 32-bit unsigned integers
> until 6.3-RELEASE. Since 6.3-RELEASE, it interprets values
> that are greater than 65535 as IP-addresses.
> This change breaks many existing applications that expect the format
> to be an integer, as it used to be since RELENG_4.
> This change is not even documented. So, it breaks POLA and should be
> ipfw table 1 add 188.8.131.52 $(date +%s)
> ipfw table 1 list
> This used to show something like "184.108.40.206/32 1203093427" before change
> but now it shows something like "220.127.116.11/32 18.104.22.168" instead.
Confirming. This breaks UNIX-time using scripts for many systems and was
introduced by ``ipfw fwd tablearg'' handling commit to 6.2-STABLE in May
POLA should be unbroken as far as possible.
WBR, Vadim Goncharov. ICQ#166852181 mailto:vadim_nuclight at mail.ru
[Moderator of RU.ANTI-ECOLOGY][FreeBSD][http://antigreen.org][LJ:/nuclight]
More information about the freebsd-ipfw