svn commit: r252015 - in head: etc share/man/man5
Alan Somers
asomers at freebsd.org
Tue Mar 25 19:34:17 UTC 2014
On Wed, Jun 19, 2013 at 8:29 PM, Hiroki Sato <hrs at freebsd.org> wrote:
> Author: hrs
> Date: Thu Jun 20 02:29:49 2013
> New Revision: 252015
> URL: http://svnweb.freebsd.org/changeset/base/252015
>
> Log:
> - Add CIDR notation support like 192.168.1-2.10-16/24 to $ifconfig_IF_aliasN.
> This is an extended version of ipv4_addr_IF which supports both IPv4 and
> IPv6, and multiple range specifications. To avoid to generate too many
> addresses, the maximum number of the generated addresses is currently
> limited to 31.
>
> - Add $ifconfig_IF_aliases, which accepts multiple IP aliases in a variable.
>
> - ipv6_prefix_IF now supports !/64 prefix length. In addition to the old
> 64-bit format (2001:db8:1:1), a full 128-bit format like 2001:db8:1:1::/64
> is supported.
>
> - Replace ifconfig command with $IFCONFIG_CMD variable to support
> a dry-run mode in the future.
>
> - Remove IP aliases before removing all of IPv4 addresses when doing
> "rc.d/netif down".
>
> - Add a DAD wait to network6_getladdr() because it is possible to fail to
> configure an EUI64 address when ipv6_prefix_IF is specified.
>
> A summary of the supported ifconfig_* variables is as follows:
>
> # IPv4 configuration.
> ifconfig_em0="inet 192.168.0.1"
> # IPv6 configuration.
> ifconfig_em0_ipv6="inet6 2001:db8::1/64"
> # IPv4 address range spec. Now deprecated.
> ipv4_addr_em0="10.2.1.1-10"
> # IPv6 alias.
> ifconfig_em0_alias0="inet6 2001:db8:5::1 prefixlen 70"
> # IPv4 alias.
> ifconfig_em0_alias1="inet 10.2.2.1/24"
> # IPv4 alias with range spec w/o AF keyword (backward compat).
> ifconfig_em0_alias2="10.3.1.1-10/32"
> # IPv6 alias with range spec.
> ifconfig_em0_alias3="inet6 2001:db8:20-2f::1/64"
> # ifconfig_IF_aliases is just like ifconfig_IF_aliasN.
> ifconfig_em0_aliases="inet 10.3.3.201-204/24 inet6 2001:db8:210-213::1/64 inet 10.1.1.1/24"
> # IPv6 alias (backward compat)
> ipv6_ifconfig_em0_alias0="inet6 2001:db8:f::1/64"
> # IPv6 alias w/o AF keyword (backward compat)
> ipv6_ifconfig_em0_alias1="2001:db8:f:1::1/64"
> # IPv6 prefix.
> ipv6_prefix_em0="2001:db8::/64"
>
> Tested by: Kimmo Paasiala
>
> Modified:
> head/etc/network.subr
> head/share/man/man5/rc.conf.5
>
> Modified: head/etc/network.subr
> ==============================================================================
> --- head/etc/network.subr Thu Jun 20 02:26:32 2013 (r252014)
> +++ head/etc/network.subr Thu Jun 20 02:29:49 2013 (r252015)
> @@ -24,6 +24,10 @@
...
> + for _c in $_args; do
> + case $_c in
> + ${_af})
> + case $_tmpargs in
> + ${_af}\ *-*)
> + ifalias_af_common_handler $_if $_af $_action \
> + `ifalias_expand_addr $_af $_action ${_tmpargs#${_af}\ }`
> ;;
> - "")
...
> + # Process the last component if any.
> + if [ -n "$_tmpargs}" ]; then
> + case $_tmpargs in
> + ${_af}\ *-*)
> + ifalias_af_common_handler $_if $_af $_action \
> + `ifalias_expand_addr $_af $_action ${_tmpargs#${_af}\ }`
> + ;;
The "${_af}/ *-*" globbing pattern is too greedy. It matches -
characters that are not part of the IP address specification. The
example I found was "ifalias_af_common_handler igb1 inet -alias inet
192.168.34.45/20 fib 1 vhid 8 pass TtZeYgnyslwK6k6cItngoQAh1-E advskew
250". Note the "-" in the CARP password. This caused
ifalias_af_common_handler to get stuck in an infinite recursive loop.
In my case, the workaround was easy; I just used a CARP password with
no "-". But I can imagine other situations that might trigger this
same behavior, like "ifalias_af_common_handler igb1 inet
192.168.0.2/24 -group foo". It would be best if you tightened up the
globbing pattern.
-Alan
More information about the svn-src-head
mailing list