IPFW tables trouble&In-Reply-To=4FB49F70.2000209 at FreeBSD.org
Alexander V. Chernikov
melifaro at ipfw.ru
Fri Mar 22 10:21:27 UTC 2013
On 20.03.2013 01:49, naPtu 3ah wrote:
> problem is still here
>
> router5:/etc@[23:05] # ipfw show 12000-12200
> 12101 96 7236 count ip from any to 91.222.49.77 out via em0
> 12102 11614 7632355 allow ip from any to table(11) out via em0
> 12140 0 0 count ip from any to 91.222.49.77 out via em0
>
> router5:/etc@[23:05] # ipfw table 11 list
> 91.222.49.26/32 0
> router5:/etc@[23:06] # ipfw table 11 flush
> router5:/etc@[23:06] # ipfw table 11 flush
> router5:/etc@[23:06] # ipfw table 11 list
> 91.222.49.26/32 0
> router5:/etc@[23:06] # ipfw table 11 delete 91.222.49.26/32
> ipfw: setsockopt(IP_FW_TABLE_DEL): No such process
> router5:/etc@[23:06] # ipfw table 11 list
> 91.222.49.26/32 0
> router5:/etc@[23:06] # ipfw table 11 flush
> router5:/etc@[23:07] # ipfw table 11 list
> 91.222.49.26/32 0
> router5:/etc@[23:07] # uname -a
> FreeBSD router5 8.3-RELEASE-p5 FreeBSD 8.3-RELEASE-p5 #3: Tue Feb 5 06:55:47 EET 2013 root at icenet.net.ua:/usr/obj/usr/src/sys/ICENET3 i386
Can you please update to recent -STABLE (or at least apply attached
simple patch) and see if the problem remains?
>
>
> _______________________________________________
> freebsd-ipfw at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw
> To unsubscribe, send any mail to "freebsd-ipfw-unsubscribe at freebsd.org"
-------------- next part --------------
Index: ip_fw_table.c
===================================================================
--- ip_fw_table.c (revision 232438)
+++ ip_fw_table.c (working copy)
@@ -96,7 +96,7 @@ ipfw_add_table_entry(struct ip_fw_chain *ch, uint1
struct table_entry *ent;
struct radix_node *rn;
- if (tbl >= IPFW_TABLES_MAX)
+ if ((tbl >= IPFW_TABLES_MAX) || (mlen > 32))
return (EINVAL);
rnh = ch->tables[tbl];
ent = malloc(sizeof(*ent), M_IPFW_TBL, M_NOWAIT | M_ZERO);
More information about the freebsd-ipfw
mailing list