Instead of using a heuristic to decide whether to display

table 'values' as IP addresses, use an explicit argument (-i).
This is a 'POLA' issue. This is a low risk change and should be MFC'd
to RELENG_6 and RELENG 7. it might be put as an errata item for 6.3.
(not sure about 6.2).

Fix suggested by: Eugene Grosbein
PR: 	120720
MFC After: 3 days
This commit is contained in:
julian 2008-02-18 19:56:09 +00:00
parent 0a944b08e4
commit be6b4b9b61
2 changed files with 14 additions and 6 deletions

View File

@ -218,6 +218,11 @@ Do not ask for confirmation for commands that can cause problems
if misused,
.No i.e. Cm flush .
If there is no tty associated with the process, this is implied.
.It Fl i
While listing a table (see the
.Sx LOOKUP TABLES
section below for more information on lookup tables), format values
as IP addresses. By default, values are shown as integers.
.It Fl n
Only check syntax of the command strings, without actually passing
them to the kernel.

View File

@ -66,6 +66,7 @@
#include <alias.h>
int
do_value_as_ip, /* show table value as IP */
do_resolv, /* Would try to resolve all */
do_time, /* Show time stamps */
do_quiet, /* Be quiet in add and flush */
@ -5898,22 +5899,20 @@ table_handler(int ac, char *av[])
if (do_cmd(IP_FW_TABLE_LIST, tbl, (uintptr_t)&l) < 0)
err(EX_OSERR, "getsockopt(IP_FW_TABLE_LIST)");
for (a = 0; a < tbl->cnt; a++) {
/* Heuristic to print it the right way */
/* values < 64k are printed as numbers */
unsigned int tval;
tval = tbl->ent[a].value;
if (tval > 0xffff) {
if (do_value_as_ip) {
char tbuf[128];
strncpy(tbuf, inet_ntoa(*(struct in_addr *)
&tbl->ent[a].addr), 127);
/* inet_ntoa expects host order */
/* inet_ntoa expects network order */
tval = htonl(tval);
printf("%s/%u %s\n", tbuf, tbl->ent[a].masklen,
inet_ntoa(*(struct in_addr *)&tval));
} else {
printf("%s/%u %u\n",
inet_ntoa(*(struct in_addr *)&tbl->ent[a].addr),
tbl->ent[a].masklen, tbl->ent[a].value);
tbl->ent[a].masklen, tval);
}
}
} else
@ -6096,7 +6095,7 @@ ipfw_main(int oldac, char **oldav)
save_av = av;
optind = optreset = 0;
while ((ch = getopt(ac, av, "abcdefhnNqs:STtv")) != -1)
while ((ch = getopt(ac, av, "abcdefhinNqs:STtv")) != -1)
switch (ch) {
case 'a':
do_acct = 1;
@ -6128,6 +6127,10 @@ ipfw_main(int oldac, char **oldav)
help();
break; /* NOTREACHED */
case 'i':
do_value_as_ip = 1;
break;
case 'n':
test_only = 1;
break;