D50597.id156252.diff
No OneTemporary
Actions

Size

3 KB

Referenced Files

None

Subscribers

None

D50597.id156252.diff
View Options

	diff --git a/sbin/ipfw/ipfw.8 b/sbin/ipfw/ipfw.8
	--- a/sbin/ipfw/ipfw.8
	+++ b/sbin/ipfw/ipfw.8
	@@ -1,5 +1,5 @@
	.\"
	-.Dd April 18, 2025
	+.Dd May 29, 2025
	.Dt IPFW 8
	.Os
	.Sh NAME
	@@ -3834,11 +3834,11 @@
	.Pp
	The following parameters can be configured:
	.Bl -tag -width indent
	-.It Cm int_prefix Ar ipv6_prefix
	-IPv6 prefix used in internal network.
	+.It Cm int_prefix Ar ipv6_netaddr
	+IPv6 network address of prefix used in internal network.
	NPTv6 module translates source address when it matches this prefix.
	-.It Cm ext_prefix Ar ipv6_prefix
	-IPv6 prefix used in external network.
	+.It Cm ext_prefix Ar ipv6_netaddr
	+IPv6 network address of prefix used in external network.
	NPTv6 module translates destination address when it matches this prefix.
	.It Cm ext_if Ar nic
	The NPTv6 module will use first global IPv6 address from interface
	diff --git a/sbin/ipfw/nptv6.c b/sbin/ipfw/nptv6.c
	--- a/sbin/ipfw/nptv6.c
	+++ b/sbin/ipfw/nptv6.c
	@@ -155,28 +155,22 @@


	static void
	-nptv6_parse_prefix(const char arg, struct in6_addr prefix, int *len)
	+nptv6_parse_prefix(const char arg, struct in6_addr prefix)
	{
	- char p, l;
	+ char *p;

	p = strdup(arg);
	if (p == NULL)
	err(EX_OSERR, NULL);
	- if ((l = strchr(p, '/')) != NULL)
	- *l++ = '\0';
	+ if (strchr(p, '/') != NULL)
	+ errx(EX_USAGE,
	+ "Bad IPv6 network address: %s\nUse prefixlen option instead", arg);
	if (inet_pton(AF_INET6, p, prefix) != 1)
	errx(EX_USAGE, "Bad prefix: %s", p);
	- if (l != NULL) {
	- *len = (int)strtol(l, &l, 10);
	- if (l != '\0' \|\| len <= 0 \|\| *len > 64)
	- errx(EX_USAGE, "Bad prefix length: %s", arg);
	- } else
	- *len = 0;
	free(p);
	}
	/*
	* Creates new nptv6 instance
	- * ipfw nptv6 <NAME> create int_prefix <prefix> ext_prefix <prefix>
	* Request: [ ipfw_obj_lheader ipfw_nptv6_cfg ]
	*/
	#define NPTV6_HAS_INTPREFIX 0x01
	@@ -204,22 +198,18 @@

	switch (tcmd) {
	case TOK_INTPREFIX:
	- NEED1("IPv6 prefix required");
	- nptv6_parse_prefix(*av, &cfg->internal, &plen);
	+ NEED1("IPv6 network address required");
	+ nptv6_parse_prefix(*av, &cfg->internal);
	flags \|= NPTV6_HAS_INTPREFIX;
	- if (plen > 0)
	- goto check_prefix;
	ac--; av++;
	break;
	case TOK_EXTPREFIX:
	if (flags & NPTV6_HAS_EXTPREFIX)
	errx(EX_USAGE,
	"Only one ext_prefix or ext_if allowed");
	- NEED1("IPv6 prefix required");
	- nptv6_parse_prefix(*av, &cfg->external, &plen);
	+ NEED1("IPv6 network address required");
	+ nptv6_parse_prefix(*av, &cfg->external);
	flags \|= NPTV6_HAS_EXTPREFIX;
	- if (plen > 0)
	- goto check_prefix;
	ac--; av++;
	break;
	case TOK_EXTIF:
	@@ -237,16 +227,8 @@
	case TOK_PREFIXLEN:
	NEED1("IPv6 prefix length required");
	plen = strtol(*av, &p, 10);
	-check_prefix:
	if (*p != '\0' \|\| plen < 8 \|\| plen > 64)
	errx(EX_USAGE, "wrong prefix length: %s", *av);
	- /* RFC 6296 Sec. 3.1 */
	- if (cfg->plen > 0 && cfg->plen != plen) {
	- warnx("Prefix length mismatch (%d vs %d). "
	- "It was extended up to %d",
	- cfg->plen, plen, MAX(plen, cfg->plen));
	- plen = MAX(plen, cfg->plen);
	- }
	cfg->plen = plen;
	flags \|= NPTV6_HAS_PREFIXLEN;
	ac--; av++;

File Metadata

Mime Type: text/plain
Expires: Sun, May 24, 1:15 AM (19 h, 52 m)
Storage Engine: blob
Storage Format: Raw Data
Storage Handle: 33460694
Default Alt Text: D50597.id156252.diff (3 KB)

D50597.id156252.diffNo OneTemporaryActions

D50597.id156252.diffView Options

File Metadata

Event Timeline

D50597.id156252.diff
No OneTemporary
Actions

D50597.id156252.diff
View Options