diff options
author | julian <julian@FreeBSD.org> | 2008-02-18 19:56:09 +0000 |
---|---|---|
committer | julian <julian@FreeBSD.org> | 2008-02-18 19:56:09 +0000 |
commit | be6b4b9b616cc7d00e7671e3563ab0907db86fec (patch) | |
tree | 351c8bb825cd72f4bc8333d014b9acf6be1a2823 /sbin | |
parent | 0a944b08e472ad60fa74b8129248277a2d9b4b4f (diff) | |
download | FreeBSD-src-be6b4b9b616cc7d00e7671e3563ab0907db86fec.zip FreeBSD-src-be6b4b9b616cc7d00e7671e3563ab0907db86fec.tar.gz |
Instead of using a heuristic to decide whether to display
table 'values' as IP addresses, use an explicit argument (-i).
This is a 'POLA' issue. This is a low risk change and should be MFC'd
to RELENG_6 and RELENG 7. it might be put as an errata item for 6.3.
(not sure about 6.2).
Fix suggested by: Eugene Grosbein
PR: 120720
MFC After: 3 days
Diffstat (limited to 'sbin')
-rw-r--r-- | sbin/ipfw/ipfw.8 | 5 | ||||
-rw-r--r-- | sbin/ipfw/ipfw2.c | 15 |
2 files changed, 14 insertions, 6 deletions
diff --git a/sbin/ipfw/ipfw.8 b/sbin/ipfw/ipfw.8 index 67ed262..0ea3b7a 100644 --- a/sbin/ipfw/ipfw.8 +++ b/sbin/ipfw/ipfw.8 @@ -218,6 +218,11 @@ Do not ask for confirmation for commands that can cause problems if misused, .No i.e. Cm flush . If there is no tty associated with the process, this is implied. +.It Fl i +While listing a table (see the +.Sx LOOKUP TABLES +section below for more information on lookup tables), format values +as IP addresses. By default, values are shown as integers. .It Fl n Only check syntax of the command strings, without actually passing them to the kernel. diff --git a/sbin/ipfw/ipfw2.c b/sbin/ipfw/ipfw2.c index f5b3ae9..1366ab2 100644 --- a/sbin/ipfw/ipfw2.c +++ b/sbin/ipfw/ipfw2.c @@ -66,6 +66,7 @@ #include <alias.h> int + do_value_as_ip, /* show table value as IP */ do_resolv, /* Would try to resolve all */ do_time, /* Show time stamps */ do_quiet, /* Be quiet in add and flush */ @@ -5898,22 +5899,20 @@ table_handler(int ac, char *av[]) if (do_cmd(IP_FW_TABLE_LIST, tbl, (uintptr_t)&l) < 0) err(EX_OSERR, "getsockopt(IP_FW_TABLE_LIST)"); for (a = 0; a < tbl->cnt; a++) { - /* Heuristic to print it the right way */ - /* values < 64k are printed as numbers */ unsigned int tval; tval = tbl->ent[a].value; - if (tval > 0xffff) { + if (do_value_as_ip) { char tbuf[128]; strncpy(tbuf, inet_ntoa(*(struct in_addr *) &tbl->ent[a].addr), 127); - /* inet_ntoa expects host order */ + /* inet_ntoa expects network order */ tval = htonl(tval); printf("%s/%u %s\n", tbuf, tbl->ent[a].masklen, inet_ntoa(*(struct in_addr *)&tval)); } else { printf("%s/%u %u\n", inet_ntoa(*(struct in_addr *)&tbl->ent[a].addr), - tbl->ent[a].masklen, tbl->ent[a].value); + tbl->ent[a].masklen, tval); } } } else @@ -6096,7 +6095,7 @@ ipfw_main(int oldac, char **oldav) save_av = av; optind = optreset = 0; - while ((ch = getopt(ac, av, "abcdefhnNqs:STtv")) != -1) + while ((ch = getopt(ac, av, "abcdefhinNqs:STtv")) != -1) switch (ch) { case 'a': do_acct = 1; @@ -6128,6 +6127,10 @@ ipfw_main(int oldac, char **oldav) help(); break; /* NOTREACHED */ + case 'i': + do_value_as_ip = 1; + break; + case 'n': test_only = 1; break; |