Julian Elischer wrote:
I do know it won't handle non contiguous masks well but as the
ipfw ABI code only accepts a network mask length instead of a
mask, there's not much that can be done.
I may suggest a later fix for that but it will break the ABI.
comments?
What you think about my patch?
--
WBR, Andrey V. Elsukov
Index: src/sbin/ipfw/ipfw2.c
===================================================================
RCS file: /ncvs/src/sbin/ipfw/ipfw2.c,v
retrieving revision 1.118
diff -u -p -r1.118 ipfw2.c
--- src/sbin/ipfw/ipfw2.c 27 Feb 2008 13:52:33 -0000 1.118
+++ src/sbin/ipfw/ipfw2.c 17 Apr 2008 05:45:27 -0000
@@ -5833,7 +5833,7 @@ table_handler(int ac, char *av[])
ipfw_table_entry ent;
ipfw_table *tbl;
int do_add;
- char *p;
+ char *p, md;
socklen_t l;
uint32_t a;
@@ -5850,10 +5850,22 @@ table_handler(int ac, char *av[])
ac--; av++;
if (!ac)
errx(EX_USAGE, "IP address required");
- p = strchr(*av, '/');
+ p = strpbrk(*av, "/:");
if (p) {
+ md = *p;
*p++ = '\0';
- ent.masklen = atoi(p);
+ switch (md) {
+ case ':':
+ if (!inet_aton(p, (struct in_addr *)&a))
+ errx(EX_DATAERR, "bad netmask ``%s''",
p);
+ ent.masklen = contigmask((uint8_t *)&a, 32);
+ if (ent.masklen > 32)
+ errx(EX_DATAERR,
+ "netmask ``%s'' is not
contiguous", p);
+ break;
+ case '/':
+ ent.masklen = atoi(p);
+ }
if (ent.masklen > 32)
errx(EX_DATAERR, "bad width ``%s''", p);
} else
_______________________________________________
freebsd-ipfw@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
