svn commit: r272577 - in stable/10: etc etc/defaults share/man/man5

Sun, 05 Oct 2014 16:33:23 -0700 

Author: bdrewery
Date: Sun Oct  5 23:32:58 2014
New Revision: 272577
URL: https://svnweb.freebsd.org/changeset/base/272577

Log:
  MFC r271424:
  
    - Add $netif_ipexpand_max to specify the upper limit for the number of
      addresses generated by an address range specification.  The default value
      is 2048.  This can be increased by setting $netif_ipexpand_max in rc.conf.
  
  PR:   186841

Modified:
  stable/10/etc/defaults/rc.conf
  stable/10/etc/network.subr
  stable/10/share/man/man5/rc.conf.5
Directory Properties:
  stable/10/   (props changed)

Modified: stable/10/etc/defaults/rc.conf
==============================================================================
--- stable/10/etc/defaults/rc.conf      Sun Oct  5 22:13:13 2014        
(r272576)
+++ stable/10/etc/defaults/rc.conf      Sun Oct  5 23:32:58 2014        
(r272577)
@@ -110,6 +110,7 @@ synchronous_dhclient="NO"   # Start dhclie
                                # interfaces during startup.
 defaultroute_delay="30"                # Time to wait for a default route on a 
DHCP interface.
 defaultroute_carrier_delay="5" # Time to wait for carrier while waiting for a 
default route.
+netif_ipexpand_max="2048"      # Maximum number of IP addrs in a range spec.
 wpa_supplicant_program="/usr/sbin/wpa_supplicant"
 wpa_supplicant_flags="-s"      # Extra flags to pass to wpa_supplicant
 wpa_supplicant_conf_file="/etc/wpa_supplicant.conf"

Modified: stable/10/etc/network.subr
==============================================================================
--- stable/10/etc/network.subr  Sun Oct  5 22:13:13 2014        (r272576)
+++ stable/10/etc/network.subr  Sun Oct  5 23:32:58 2014        (r272577)
@@ -25,9 +25,7 @@
 # $FreeBSD$
 #
 IFCONFIG_CMD="/sbin/ifconfig"
-
-# Maximum number of addresses expanded from a address range specification.
-_IPEXPANDMAX=31
+: ${netif_ipexpand_max:=2048}
 
 #
 # Subroutines commonly used from network startup scripts.
@@ -888,8 +886,8 @@ ifalias_expand_addr_inet()
                _ipcount=$_iplow
                while [ "$_ipcount" -le "$_iphigh" ]; do
                        _retstr="${_retstr} 
${_iphead}${_iphead:+.}${_ipcount}${_iptail:+.}${_iptail}${_plen:+/}${_plen}"
-                       if [ $_ipcount -gt $(($_iplow + $_IPEXPANDMAX)) ]; then
-                               warn "Range specification is too large 
(${_iphead}${_iphead:+.}${_iplow}${_iptail:+.}${_iptail}-${_iphead}${_iphead:+.}${_iphigh}${_iptail:+.}${_iptail}).
  
${_iphead}${_iphead:+.}${_iplow}${_iptail:+.}${_iptail}-${_iphead}${_iphead:+.}${_ipcount}${_iptail:+.}${_iptail}
 was processed."
+                       if [ $_ipcount -gt $(($_iplow + $netif_ipexpand_max)) 
]; then
+                               warn "Range specification is too large 
(${_iphead}${_iphead:+.}${_iplow}${_iptail:+.}${_iptail}-${_iphead}${_iphead:+.}${_iphigh}${_iptail:+.}${_iptail}).
  
${_iphead}${_iphead:+.}${_iplow}${_iptail:+.}${_iptail}-${_iphead}${_iphead:+.}${_ipcount}${_iptail:+.}${_iptail}
 was processed.  Increase \$netif_ipexpand_max in rc.conf."
                                break
                        else
                                _ipcount=$(($_ipcount + 1))
@@ -978,9 +976,9 @@ ifalias_expand_addr_inet6()
                                            $_ipleft $_ipcount $_ipright \
                                            ${_plen:+/}$_plen`
                                        _retstr="$_retstr $_r"
-                                       if [ $_ipcount -gt $(($_iplow + 
$_IPEXPANDMAX)) ]
+                                       if [ $_ipcount -gt $(($_iplow + 
$netif_ipexpand_max)) ]
                                        then
-                                               warn "Range specification is 
too large $(printf '(%s:%04x%s-%s:%04x%s)' $_ipleft $_iplow $_ipright $_ipleft 
$_iphigh $_ipright). $(printf '%s:%04x%s-%s:%04x%s' $_ipleft $_iplow $_ipright 
$_ipleft $_ipcount $_ipright) was processed."
+                                               warn "Range specification is 
too large $(printf '(%s:%x%s-%s:%x%s)' "$_ipleft" "$_iplow" "$_ipright" 
"$_ipleft" "$_iphigh" "$_ipright"). $(printf '%s:%x%s-%s:%x%s' "$_ipleft" 
"$_iplow" "$_ipright" "$_ipleft" "$_ipcount" "$_ipright") was processed.  
Increase \$netif_ipexpand_max in rc.conf."
                                                break
                                        else
                                                _ipcount=$(($_ipcount + 1))

Modified: stable/10/share/man/man5/rc.conf.5
==============================================================================
--- stable/10/share/man/man5/rc.conf.5  Sun Oct  5 22:13:13 2014        
(r272576)
+++ stable/10/share/man/man5/rc.conf.5  Sun Oct  5 23:32:58 2014        
(r272577)
@@ -1159,6 +1159,19 @@ or
 .Li inet6 2001:db8:1-f::1/64 .
 This notation allows address and prefix length part only,
 not the other address modifiers.
+Note that the maximum number of the generated addresses from a range
+specification is limited to an integer value specified in
+.Va netif_ipexpand_max
+in
+.Xr rc.conf 5
+because a small typo can unexpectedly generate a large number of addresses.
+The default value is
+.Li 2048 .
+It can be increased by adding the following line into
+.Xr rc.conf 5 :
+.Bd -literal
+netif_ipexpand_max="4096"
+.Ed
 .Pp
 In the case of
 .Li 192.0.2.5-23/24 ,
_______________________________________________
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

Reply via email to