[luigi@FreeBSD.org: cvs commit: src/sbin/ipfw ipfw2.c]
MATOBA Hirozumi
matoba at st.rim.or.jp
Sat Jul 12 10:41:35 PDT 2003
On Sat, 12 Jul 2003 00:22:22 -0700, Luigi Rizzo wrote:
| * implement comments in ipfw commands. These are implemented in the
| kernel as O_NOP commands (which always match) whose body contains
| the comment string. In userland, a comment is a C++-style comment
| appended to the rule:
|
| ipfw add allow ip from me to any // i can talk to everybody
I use ipfw like as
/sbin/ipfw -p /usr/bin/cpp /etc/firewall
because I put '#define", "#if 0", etc. in /etc/firewall.
So some lines that are passed to ipfw_main() may be empty.
But, in ipfw_main() of new ipfw2.c line 3609 (v 1.33 2003/07/12 08:35:25),
if (l == 0) /* empty string! */
show_usage();
So when I used new ipfw, I got error below.
command is /usr/bin/cpp
usage: ipfw [options]
do "ipfw -h" or see ipfw manpage for details
I tried an ad hoc change
if (l == 0) /* empty string! */
return(0);
and re-compile ipfw,
then ipfw worked as well as before updating ipfw.
(I'm not sure this ad hoc change is proper or not)
--
matoba at st.rim.or.jp
More information about the freebsd-ipfw
mailing list