ipfw add pipe broken in RELENG_6
Mike Tancsa
mike at sentex.net
Tue Apr 3 02:39:14 UTC 2007
At 10:07 AM 4/1/2007, JoaoBR wrote:
>it seems I can not add pipes with releng6 sources from the last days
>
>ipfw add pipe 1 ip from any to any
>ipfw: getsockopt(IP_FW_ADD): Invalid argument
I think this is whats needed in /usr/src/sbin/ipfw. Looking at the
diffs between HEAD and RELENG_6 (apart from the kernel nat stuff),
below seems to be whats different.
[smicro1U]# diff -u ipfw2.c.orig ipfw2.c
--- ipfw2.c.orig Mon Apr 2 22:28:33 2007
+++ ipfw2.c Mon Apr 2 22:30:45 2007
@@ -3973,11 +3973,9 @@
break;
case TOK_QUEUE:
- action->len = F_INSN_SIZE(ipfw_insn_pipe);
action->opcode = O_QUEUE;
goto chkarg;
case TOK_PIPE:
- action->len = F_INSN_SIZE(ipfw_insn_pipe);
action->opcode = O_PIPE;
goto chkarg;
case TOK_SKIPTO:
@@ -4043,11 +4041,13 @@
"illegal forwarding port ``%s''", s);
p->sa.sin_port = (u_short)i;
}
- lookup_host(*av, &(p->sa.sin_addr));
- }
+ if (_substrcmp(*av, "tablearg") == 0)
+ p->sa.sin_addr.s_addr = INADDR_ANY;
+ else
+ lookup_host(*av, &(p->sa.sin_addr));
ac--; av++;
break;
-
+ }
case TOK_COMMENT:
/* pretend it is a 'count' rule followed by the comment */
action->opcode = O_COUNT;
[smicro1U]#
The command seems to be getting tripped up in /usr/src/sys/netinet/ip_fw2.c
case O_QUEUE:
if (cmdlen != F_INSN_SIZE(ipfw_insn))
goto bad_size;
goto check_action;
where size=2 and cmdlen=1 on opcode=50
---Mike
More information about the freebsd-stable
mailing list