A bunch of changes (mostly syntactic sugar, all backward compatible):
* Make the addr-set size optional (defaults to /24) You can now write 1.2.3.0/24{56-80} or 1.2.3.0{56-80} Also make the parser more strict. * Support a new format for the list of addresses: 1.2.3.4,5.6.7.8/30,9.10.11.12/22,12.12.12.13, ... which exploits the new capabilities of O_IP_SRC_MASK/O_IP_DST_MASK * Allow spaces after commas to make lists of addresses more readable. 1.2.3.4, 5.6.7.8/30, 9.10.11.12/22, 12.12.12.13, ... * ipfw will now accept full commands as a single argument and strip extra leading/trailing whitespace as below: ipfw "-q add allow ip from 1.2.3.4 to 5.6.7.8, 9.10.11.23 " This should help in moving the body of ipfw into a library that user programs can invoke. * Cleanup some comments and data structures. * Do not print rule counters for dynamic rules with ipfw -d list (PR 51182) * Improve 'ipfw -h' output (PR 46785) * Add a '-n' flag to test the syntax of commands without actually calling [gs]etsockopt() (PR 44238) * Support the '-n' flag also with the preprocessors; Manpage commit to follow. MFC after: 3 days
This commit is contained in:
parent
7a1dfbc0d3
commit
571f8c1b7a