In struct ip_fw, the member timespace becomes padded with 32-bits
because a pointer follows it. This causes the RULESIZE() macro to
miscalculate the size of the rule by 4 bytes. Resulting in EINVAL
and kernel warnings:
bowie# ipfw add allow all from me to 192.168.3.1
00000 allow ip from me to 192.168.3.1
ipfw: size mismatch (have 64 want 68)
ipfw: getsockopt(IP_FW_ADD): Invalid argument
(Shouldn't 00000 be 00100?)
I worked around the breakage by moving next_rule to the second
position in the struct. I imagine the real solution involves not
jamming kernel pointers into public interfaces.
Also, ipfw(8) has lots of warnings as a result of printf()s with
deprecated quad_t's. This should be easily fixed by using intmax_t's.
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message