The following reply was made to PR bin/127058; it has been noted by GNATS.
From: ganbold <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Cc:
Subject: Re: bin/127058: add "all" command line option to ipfw table listing
Date: Wed, 03 Sep 2008 11:45:06 +0800
I guess a more complete ipfw(8) part of the patch is here:
--- ipfw.8-original2008-09-01 17:08:35.0 +0800
+++ ipfw.82008-09-03 11:33:30.0 +0800
@@ -51,7 +51,9 @@
.Nm
.Cm table Ar number Cm flush
.Nm
-.Cm table Ar number Cm list
+.Cm table
+.Brq Ar number | all
+.Cm list
.Pp
.Nm
.Brq Cm pipe | queue
@@ -2207,6 +2209,8 @@
.It Em net.inet.ip.fw.debug : No 1
Controls debugging messages produced by
.Nm .
+.It Em net.inet.ip.fw.tables_max : No 128
+Maximum number of tables.
.It Em net.inet.ip.fw.dyn_buckets : No 256
The number of buckets in the hash table for dynamic rules.
Must be a power of 2, up to 65536.
thanks,
Ganbold
Ganbold wrote:
>> Number: 127058
>> Category: bin
>> Synopsis: add "all" command line option to ipfw table listing
>> Confidential: no
>> Severity: non-critical
>> Priority: low
>> Responsible:freebsd-bugs
>> State: open
>> Quarter:
>> Keywords:
>> Date-Required:
>> Class: sw-bug
>> Submitter-Id: current-users
>> Arrival-Date: Wed Sep 03 02:50:00 UTC 2008
>> Closed-Date:
>> Last-Modified:
>> Originator: Ganbold
>> Release:RELENG_7
>> Organization:
>> Environment:
>> Description:
>>
> Following patches add possibility to list IP addresses from all defined ipfw
> tables.
>
> For example:
>
> v02# ipfw table all list
> ---table(1)---
> 202.179.18.7/32 0
> 202.179.27.132/32 0
> 208.48.2.0/24 0
> ---table(2)---
> 202.72.244.226/32 0
> ---table(3)---
> 61.222.9.212/32 0
> 74.53.215.0/24 0
> 75.125.150.0/24 0
> 75.125.150.18/32 0
> 75.126.214.0/24 0
> 121.156.57.4/32 0
> 163.29.176.20/32 0
> 212.37.111.0/24 0
> ---table(4)---
> 64.202.163.213/32 0
> ---table(5)---
> 165.146.30.119/32 0
> 196.207.13.5/32 0
> .
>
> Patches are fully tested on RELENG_7 (FreeBSD 7.1-PRERELEASE #6: Wed Sep 3
> 10:02:27 ULAT 2008).
>
> These patches also apply successfully to CURRENT.
>
>
>> How-To-Repeat:
>>
>
>
>> Fix:
>>
> --- ip_fw2.c.orig2008-08-20 03:58:42.0 +0800
> +++ ip_fw2.c 2008-09-03 09:53:29.0 +0800
> @@ -254,7 +254,10 @@
> static u_int32_t static_len;/* size in bytes of static rules */
> static u_int32_t dyn_count; /* # of dynamic rules */
> static u_int32_t dyn_max = 4096;/* max # of dynamic rules */
> +static u_int32_t tables_max = IPFW_TABLES_MAX; /* max # of tables */
>
> +SYSCTL_INT(_net_inet_ip_fw, OID_AUTO, tables_max, CTLFLAG_RD,
> +&tables_max, 0, "Max number of tables");
> SYSCTL_INT(_net_inet_ip_fw, OID_AUTO, dyn_buckets, CTLFLAG_RW,
> &dyn_buckets, 0, "Number of dyn. buckets");
> SYSCTL_INT(_net_inet_ip_fw, OID_AUTO, curr_dyn_buckets, CTLFLAG_RD,
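Review bot: The added `tables_max` is declared `u_int32_t` but exported through `SYSCTL_INT`, so the sysctl's declared type is signed while the backing variable is unsigned. `SYSCTL_UINT(_net_inet_ip_fw, OID_AUTO, tables_max, CTLFLAG_RD,` matches the declaration and keeps the read-only flag. A short comment on the variable saying that it only mirrors the compile-time `IPFW_TABLES_MAX` for userland would also help, since nothing in this hunk ever writes to it.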
>
>
>
>
> --- ipfw2.c.orig 2008-09-03 09:58:22.0 +0800
> +++ ipfw2.c 2008-09-03 10:19:20.0 +0800
> @@ -5860,22 +5860,27 @@
> * ipfw table N add addr[/masklen] [value]
> * ipfw table N delete addr[/masklen]
> * ipfw table N flush
> - * ipfw table N list
> + * ipfw table N|all list
> */
> static void
> table_handler(int ac, char *av[])
> {
> ipfw_table_entry ent;
> ipfw_table *tbl;
> -int do_add;
> +int do_add, is_all = 0;
> char *p;
> socklen_t l;
> -uint32_t a;
> +uint32_t a, b, c;
> +size_t len;
>
> ac--; av++;
> if (ac && isdigit(**av)) {
> ent.tbl = atoi(*av);
> ac--; av++;
> +} else if (_substrcmp(*av, "all") == 0) {
> +ent.tbl = 0;
> +is_all = 1;
> +ac--; av++;
> } else
> errx(EX_USAGE, "table number required");
> NEED1("table needs command");
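Review bot: The new `else if (_substrcmp(*av, "all") == 0)` branch is evaluated when `ac` is 0, because only the `isdigit` test before it is guarded by `ac &&`. With no argument left, `*av` lies past the last counted argument and the comparison reads through it, where the old code went straight to `errx(EX_USAGE, "table number required")`. Guard the new branch the same way: `} else if (ac && _substrcmp(*av, "all") == 0) {`. The body of table_handler continues outside this hunk, so how `is_all`, `b`, `c` and `len` are used later is not visible here.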
> @@ -5931,33 +5936,48 @@
> if (do_cmd(IP_FW_TABLE_FLUSH, &ent.tbl, sizeof(ent.tbl)) < 0)
> err(EX_OSERR, "setsockopt(IP_FW_TABLE_FLUSH)");
> } else if (_substrcmp(*av, "list") == 0) {
> -a = ent.tbl;
> -l = sizeof(a);
> -if (do_cmd(IP_FW_TABLE_GETSIZE, &a, (uintptr_t)&l) < 0)
> -err(EX_OSERR, "getsockopt(IP_FW_TABLE_GETSIZE)");
> -l = sizeof(*tbl) + a * sizeof(ipfw_table_entry);
> -tbl = malloc(l);
> -if (tbl == NULL)
> -err(EX_OSERR, "malloc");
> -tbl->tbl = ent.tbl;
> -if (do_cmd(IP_FW_TABLE_LIST, tbl, (uintptr_t)&l) < 0)
> -err(EX_OSERR, "getsockopt(IP_FW_TABLE_LIST)");
> -for (a = 0; a < tbl->cnt; a++) {
> -unsigned int tval;
> -tval = tbl->ent[a].value;
> -