Page MenuHomeFreeBSD

ipfw(8): When checking for IPv4 in add_src() and add_dat(), don't assume !IPv6 is IPv4
AbandonedPublic

Authored by nc on Sep 26 2019, 10:07 PM.

Details

Summary

When checking for IPv4 in add_src() and add_dat(), don't assume !IPv6 is IPv4. Revised patch which also takes the "any" operator into account.

Also, switch to if...else if statements.

Submitted by: Neel Chauhan <neel AT neelc DOT org>

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Skipped
Unit
Unit Tests Skipped

Event Timeline

nc retitled this revision from ipfw(8): Check for IPv4 in add_src() and add_dat, don't assume !IPv6 is IPv4 to ipfw(8): When checking for IPv4 in add_src() and add_dat(), don't assume !IPv6 is IPv4.Dec 23 2019, 11:52 PM
nc edited the summary of this revision. (Show Details)

LGTM.

Could you please consider avoiding putting the diffs without the context next time?

sbin/ipfw/ipfw2.c
3750

Why not if .. else if .. else if pattern?

nc edited the summary of this revision. (Show Details)
nc marked an inline comment as done.
This revision is now accepted and ready to land.Feb 13 2020, 6:49 PM

In the current state, it breaks rules with "any" keyword specified as a destination.
Could you please add atf-based tests on the proposed changes?

The issue is the use of "strcmp(av, "any") != 0" which should be "strcmp(av, "any") == 0"

I opened a new revision to fix the issue at D24025.

nc edited the summary of this revision. (Show Details)

This patch should fix the "any" use case.

About the atf-sh tests, I can write them. Let's first commit D24021 since there will be a merge conflict with the two.

I'm merging this effort with D24021.