svn commit: r287963 - in stable/10: sbin/ipfw sys/netinet sys/netpfil/ipfw
Alexander V. Chernikov
melifaro at FreeBSD.org
Fri Sep 18 17:29:26 UTC 2015
Author: melifaro
Date: Fri Sep 18 17:29:24 2015
New Revision: 287963
URL: https://svnweb.freebsd.org/changeset/base/287963
Log:
MFC r266310
Fix wrong formatting of 0.0.0.0/X table records in ipfw(8).
Add `flags` u16 field to the hole in ipfw_table_xentry structure.
Kernel has been guessing address family for supplied record based
on xent length size.
Userland, however, has been getting fixed-size ipfw_table_xentry structures
guessing address family by checking address by IN6_IS_ADDR_V4COMPAT().
Fix this behavior by providing specific IPFW_TCF_INET flag for IPv4 records.
PR: bin/189471,kern/200169
Modified:
stable/10/sbin/ipfw/ipfw2.c
stable/10/sys/netinet/ip_fw.h
stable/10/sys/netpfil/ipfw/ip_fw_table.c
Directory Properties:
stable/10/ (props changed)
Modified: stable/10/sbin/ipfw/ipfw2.c
==============================================================================
--- stable/10/sbin/ipfw/ipfw2.c Fri Sep 18 17:17:40 2015 (r287962)
+++ stable/10/sbin/ipfw/ipfw2.c Fri Sep 18 17:29:24 2015 (r287963)
@@ -4389,7 +4389,7 @@ table_list(uint16_t num, int need_header
addr6 = &xent->k.addr6;
- if (IN6_IS_ADDR_V4COMPAT(addr6)) {
+ if ((xent->flags & IPFW_TCF_INET) != 0) {
/* IPv4 address */
inet_ntop(AF_INET, &addr6->s6_addr32[3], tbuf, sizeof(tbuf));
} else {
Modified: stable/10/sys/netinet/ip_fw.h
==============================================================================
--- stable/10/sys/netinet/ip_fw.h Fri Sep 18 17:17:40 2015 (r287962)
+++ stable/10/sys/netinet/ip_fw.h Fri Sep 18 17:29:24 2015 (r287963)
@@ -614,6 +614,7 @@ typedef struct _ipfw_table_xentry {
uint8_t type; /* entry type */
uint8_t masklen; /* mask length */
uint16_t tbl; /* table number */
+ uint16_t flags; /* record flags */
uint32_t value; /* value */
union {
/* Longest field needs to be aligned by 4-byte boundary */
@@ -621,6 +622,7 @@ typedef struct _ipfw_table_xentry {
char iface[IF_NAMESIZE]; /* interface name */
} k;
} ipfw_table_xentry;
+#define IPFW_TCF_INET 0x01 /* CIDR flags: IPv4 record */
typedef struct _ipfw_table {
u_int32_t size; /* size of entries in bytes */
Modified: stable/10/sys/netpfil/ipfw/ip_fw_table.c
==============================================================================
--- stable/10/sys/netpfil/ipfw/ip_fw_table.c Fri Sep 18 17:17:40 2015 (r287962)
+++ stable/10/sys/netpfil/ipfw/ip_fw_table.c Fri Sep 18 17:29:24 2015 (r287963)
@@ -697,6 +697,7 @@ dump_table_xentry_base(struct radix_node
xent->masklen = 33 - ffs(ntohl(n->mask.sin_addr.s_addr));
/* Save IPv4 address as deprecated IPv6 compatible */
xent->k.addr6.s6_addr32[3] = n->addr.sin_addr.s_addr;
+ xent->flags = IPFW_TCF_INET;
xent->value = n->value;
tbl->cnt++;
return (0);
More information about the svn-src-stable
mailing list