Behavior of `ipfw table n list' in 7.0
Julian Elischer
julian at elischer.org
Fri Mar 14 17:51:28 PDT 2008
Christopher Cowart wrote:
> Hello,
>
> I've been debugging some scripts for the better part of the hour, and
> finally figured out what's going on.
>
> On 6.2, `ipfw table 3 list' outputs:
> 169.229.127.61/32 100127061
>
> But on 7.0, `ipfw table 4 list' outputs:
> 10.9.156.254/32 11.237.178.84
>
> They're different tables with different values, but what's shocking is
> the change to dotted-quad representation on 7.0.
>
> I notice in ipfw(8) on 7.0, tablearg is now a valid value to fwd. The
> thing is, according to the 'LOOKUP TABLES' section of the man page,
> "Associated with each entry is a 32-bit unsigned value". It's very
> explicitly *not* an IP address, because tablearg can be used for all
> sorts of other things, like indexing pipes, specifying tag values, or in
> my case, holding netgraph cookies.
>
> It's not a big deal -- I already had an ip_to_number function in my
> shell library, and now that I know what the issue is, I can deal with
> it.
>
> I wanted to bring it up, because printing something that's not an IP
> address in dotted-quad notation seems misleading and confusing.
>
I think the dotted quad part is mentioned somewhere, but anyhow
a patch was put in to add a specific option to ipfw(8) to request
the quad notation If you get a new version of ipfw(8) it should
have the fix..
Or pull the fix from the freebsd source cvs web page..
pull and apply the diff for revision 1.114 from the following page
http://www.freebsd.org/cgi/cvsweb.cgi/src/sbin/ipfw/ipfw2.c
and apply it and then reinstall it.
that reminds me I need to merge this back to RELENG_7
More information about the freebsd-net
mailing list