In struct ip_fw, the member timestamp becomes padded with 32 bits
because a pointer follows it.  This causes the RULESIZE() macro to
miscalculate the size of the rule by 4 bytes, resulting in EINVAL
and kernel warnings:

%%%
bowie# ipfw add allow all from me to 192.168.3.1
00000 allow ip from me to 192.168.3.1
ipfw: size mismatch (have 64 want 68)
ipfw: getsockopt(IP_FW_ADD): Invalid argument
%%%

(Shouldn't 00000 be 00100?)

I worked around the breakage by moving next_rule to the second
position in the struct.  I imagine the real solution involves not
jamming kernel pointers into public interfaces.

Also, ipfw(8) has lots of warnings as a result of printf()s with
deprecated quad_t's.  This should be easily fixed by using intmax_t's.

Best regards,
Mike Barcroft
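
The layout problem described in the message, as an added example that is not from the original post or from FreeBSD: on an LP64 target, a 32-bit member followed by a pointer pushes the trailing array up and leaves tail padding, so a sizeof-based size and a byte count taken up to the last word disagree by 4. The structs, the two macros and the four-word rule body are simplified assumptions, not the real struct ip_fw or RULESIZE().

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical stand-ins, NOT the real struct ip_fw: a header that ends in a
 * variable-length run of 32-bit words, declared with one element. */
struct rule_bad {
    struct rule_bad *next;
    uint16_t hdr[4];
    uint64_t counters[2];
    uint32_t timestamp;          /* LP64: 4 bytes of padding follow */
    struct rule_bad *next_rule;  /* LP64: must start on an 8-byte boundary */
    uint32_t cmd[1];             /* LP64: 4 bytes of tail padding follow */
};

struct rule_fixed {              /* same members, pointers grouped first */
    struct rule_fixed *next;
    struct rule_fixed *next_rule;
    uint16_t hdr[4];
    uint64_t counters[2];
    uint32_t timestamp;
    uint32_t cmd[1];
};

/* Assumed sizeof-based calculation: whole struct minus the declared word. */
#define SIZE_BY_SIZEOF(T, n) (sizeof(T) - sizeof(uint32_t) + (n) * sizeof(uint32_t))
/* Assumed byte count from the start of the rule to the end of word n. */
#define SIZE_BY_OFFSET(T, n) (offsetof(T, cmd) + (n) * sizeof(uint32_t))

/* Build-time guard: fails to compile if padding creeps in after cmd[]. */
_Static_assert(sizeof(struct rule_fixed) ==
               offsetof(struct rule_fixed, cmd) + sizeof(uint32_t),
               "tail padding after cmd[] breaks sizeof-based rule sizes");

long mismatch_bad(size_t n) {
    return (long)SIZE_BY_SIZEOF(struct rule_bad, n) -
           (long)SIZE_BY_OFFSET(struct rule_bad, n);
}

long mismatch_fixed(size_t n) {
    return (long)SIZE_BY_SIZEOF(struct rule_fixed, n) -
           (long)SIZE_BY_OFFSET(struct rule_fixed, n);
}

int main(void) {
    size_t n = 4;  /* constructed: a rule body of four 32-bit words */
    printf("bad:   mismatch %ld bytes\n", mismatch_bad(n));
    printf("fixed: mismatch %ld bytes\n", mismatch_fixed(n));
    return 0;
}
```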
