Page MenuHomeFreeBSD

ipfw(8): When checking for IPv4 in add_src() and add_dat(), don't assume !IPv6 is IPv4
AbandonedPublic

Authored by neel_neelc.org on Sep 26 2019, 10:07 PM.

Details

Summary

When checking for IPv4 in add_src() and add_dat(), don't assume !IPv6 is IPv4. Revised patch which also takes the "any" operator into account.

Also, switch to if...else if statements.

Submitted by: Neel Chauhan <neel AT neelc DOT org>

Diff Detail

Repository
rS FreeBSD src repository
Lint
Lint Skipped
Unit
Unit Tests Skipped

Event Timeline

neel_neelc.org retitled this revision from ipfw(8): Check for IPv4 in add_src() and add_dat, don't assume !IPv6 is IPv4 to ipfw(8): When checking for IPv4 in add_src() and add_dat(), don't assume !IPv6 is IPv4.Dec 23 2019, 11:52 PM
neel_neelc.org edited the summary of this revision. (Show Details)

LGTM.

Could you please consider avoiding putting the diffs without the context next time?

sbin/ipfw/ipfw2.c
3750

Why not if .. else if .. else if pattern?

neel_neelc.org edited the summary of this revision. (Show Details)
neel_neelc.org marked an inline comment as done.
This revision is now accepted and ready to land.Feb 13 2020, 6:49 PM

In the current state, it breaks rules with "any" keyword specified as a destination.
Could you please add atf-based tests on the proposed changes?

The issue is the use of "strcmp(av, "any") != 0" which should be "strcmp(av, "any") == 0"

I opened a new revision to fix the issue at D24025.

neel_neelc.org edited the summary of this revision. (Show Details)

This patch should fix the "any" use case.

About the atf-sh tests, I can write them. Let's first commit D24021 since there will be a merge conflict with the two.

I'm merging this effort with D24021.