o Do nothing in show_nat() for a test mode (-n). This prevents
show_nat() from endless loop and makes work ipfw -n nat <...>. PR: bin/128064 Submitted by: sem MFC after: 1 month
This commit is contained in:
parent
19ff29fb35
commit
92531c02e6
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/head/; revision=183889
@ -3855,9 +3855,6 @@ setup_redir_proto(char *spool_buf, int len,
|
||||
errx(EX_DATAERR, "redirect_proto: buf is too small\n");
|
||||
}
|
||||
|
||||
static void
|
||||
show_nat(int ac, char **av);
|
||||
|
||||
static void
|
||||
print_nat_config(char *buf) {
|
||||
struct cfg_nat *n;
|
||||
@ -4066,11 +4063,6 @@ config_nat(int ac, char **av)
|
||||
i = do_cmd(IP_FW_NAT_CFG, buf, off);
|
||||
if (i)
|
||||
err(1, "setsockopt(%s)", "IP_FW_NAT_CFG");
|
||||
|
||||
/* After every modification, we show the resultant rule. */
|
||||
int _ac = 3;
|
||||
char *_av[] = {"show", "config", id};
|
||||
show_nat(_ac, _av);
|
||||
}
|
||||
|
||||
static void
|
||||
@ -6035,6 +6027,9 @@ show_nat(int ac, char **av)
|
||||
lrule = IPFW_DEFAULT_RULE; /* max ipfw rule number */
|
||||
ac--; av++;
|
||||
|
||||
if (test_only)
|
||||
return;
|
||||
|
||||
/* Parse parameters. */
|
||||
for (cmd = IP_FW_NAT_GET_LOG, do_cfg = 0; ac != 0; ac--, av++) {
|
||||
if (!strncmp(av[0], "config", strlen(av[0]))) {
|
||||
@ -6059,6 +6054,7 @@ show_nat(int ac, char **av)
|
||||
if (do_cmd(cmd, data, (uintptr_t)&nbytes) < 0)
|
||||
err(EX_OSERR, "getsockopt(IP_FW_GET_%s)",
|
||||
(cmd == IP_FW_NAT_GET_LOG) ? "LOG" : "CONFIG");
|
||||
printf("nbytes %b\n", nbytes);
|
||||
}
|
||||
if (nbytes == 0)
|
||||
exit(0);
|
||||
|
Loading…
Reference in New Issue
Block a user