bin/54467: ipfw command (ipfw2) does not accept comments in
rule-file.
HATANOU Tomomi
hatanou at infolab.ne.jp
Mon Jul 14 02:10:09 PDT 2003
>Number: 54467
>Category: bin
>Synopsis: ipfw command (ipfw2) does not accept comments in rule-file.
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Mon Jul 14 02:10:07 PDT 2003
>Closed-Date:
>Last-Modified:
>Originator: HATANOU Tomomi <hatanou at infolab.ne.jp>
>Release: FreeBSD 5.1-CURRENT i386
>Organization:
Infolab, inc.
>Environment:
System: FreeBSD ryoko.infolab.ne.jp 5.1-CURRENT FreeBSD 5.1-CURRENT #0: Sun Jul 13 17:31:11 JST 2003 hatanou at ryoko.infolab.ne.jp:/usr/obj/usr/src/sys/LETSNOTE i386
Panasonic CF-B5FR notebook w/ 192M RAM
>Description:
ipfw2 does not accept comments, beginning with '#' character,
in firewall rule file. Instead, it shows usage.
>How-To-Repeat:
Put comments in your firewall-rule file, and try:
# ipfw /path/to/your/rulefile
And you will get the message:
usage: ipfw [options]
do "ipfw -h" or see ipfw manpage for details
>Fix:
Apply this patch.
--- ipfw2.c.orig Sat Jul 12 19:26:36 2003
+++ ipfw2.c Mon Jul 14 17:39:52 2003
@@ -3897,10 +3897,22 @@
while (fgets(buf, BUFSIZ, f)) { /* read commands */
char linename[10];
char *args[1];
+ char *p;
lineno++;
sprintf(linename, "Line %d", lineno);
setprogname(linename); /* XXX */
+
+ /* Check comment */
+ if ((p = strchr(buf, '#'))) {
+ *p = '\0';
+ }
+
+ /* Ignore whitespace-only line */
+ for (p = buf; *p == ' '; p++);
+ if (*p == '\0')
+ continue;
+
args[0] = buf;
ipfw_main(1, args);
}
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-bugs
mailing list