summaryrefslogtreecommitdiffstats
path: root/sbin
diff options
context:
space:
mode:
authorjulian <julian@FreeBSD.org>2008-02-18 19:56:09 +0000
committerjulian <julian@FreeBSD.org>2008-02-18 19:56:09 +0000
commitbe6b4b9b616cc7d00e7671e3563ab0907db86fec (patch)
tree351c8bb825cd72f4bc8333d014b9acf6be1a2823 /sbin
parent0a944b08e472ad60fa74b8129248277a2d9b4b4f (diff)
downloadFreeBSD-src-be6b4b9b616cc7d00e7671e3563ab0907db86fec.zip
FreeBSD-src-be6b4b9b616cc7d00e7671e3563ab0907db86fec.tar.gz
Instead of using a heuristic to decide whether to display
table 'values' as IP addresses, use an explicit argument (-i). This is a 'POLA' issue. This is a low risk change and should be MFC'd to RELENG_6 and RELENG 7. it might be put as an errata item for 6.3. (not sure about 6.2). Fix suggested by: Eugene Grosbein PR: 120720 MFC After: 3 days
Diffstat (limited to 'sbin')
-rw-r--r--sbin/ipfw/ipfw.85
-rw-r--r--sbin/ipfw/ipfw2.c15
2 files changed, 14 insertions, 6 deletions
diff --git a/sbin/ipfw/ipfw.8 b/sbin/ipfw/ipfw.8
index 67ed262..0ea3b7a 100644
--- a/sbin/ipfw/ipfw.8
+++ b/sbin/ipfw/ipfw.8
@@ -218,6 +218,11 @@ Do not ask for confirmation for commands that can cause problems
if misused,
.No i.e. Cm flush .
If there is no tty associated with the process, this is implied.
+.It Fl i
+While listing a table (see the
+.Sx LOOKUP TABLES
+section below for more information on lookup tables), format values
+as IP addresses. By default, values are shown as integers.
.It Fl n
Only check syntax of the command strings, without actually passing
them to the kernel.
diff --git a/sbin/ipfw/ipfw2.c b/sbin/ipfw/ipfw2.c
index f5b3ae9..1366ab2 100644
--- a/sbin/ipfw/ipfw2.c
+++ b/sbin/ipfw/ipfw2.c
@@ -66,6 +66,7 @@
#include <alias.h>
int
+ do_value_as_ip, /* show table value as IP */
do_resolv, /* Would try to resolve all */
do_time, /* Show time stamps */
do_quiet, /* Be quiet in add and flush */
@@ -5898,22 +5899,20 @@ table_handler(int ac, char *av[])
if (do_cmd(IP_FW_TABLE_LIST, tbl, (uintptr_t)&l) < 0)
err(EX_OSERR, "getsockopt(IP_FW_TABLE_LIST)");
for (a = 0; a < tbl->cnt; a++) {
- /* Heuristic to print it the right way */
- /* values < 64k are printed as numbers */
unsigned int tval;
tval = tbl->ent[a].value;
- if (tval > 0xffff) {
+ if (do_value_as_ip) {
char tbuf[128];
strncpy(tbuf, inet_ntoa(*(struct in_addr *)
&tbl->ent[a].addr), 127);
- /* inet_ntoa expects host order */
+ /* inet_ntoa expects network order */
tval = htonl(tval);
printf("%s/%u %s\n", tbuf, tbl->ent[a].masklen,
inet_ntoa(*(struct in_addr *)&tval));
} else {
printf("%s/%u %u\n",
inet_ntoa(*(struct in_addr *)&tbl->ent[a].addr),
- tbl->ent[a].masklen, tbl->ent[a].value);
+ tbl->ent[a].masklen, tval);
}
}
} else
@@ -6096,7 +6095,7 @@ ipfw_main(int oldac, char **oldav)
save_av = av;
optind = optreset = 0;
- while ((ch = getopt(ac, av, "abcdefhnNqs:STtv")) != -1)
+ while ((ch = getopt(ac, av, "abcdefhinNqs:STtv")) != -1)
switch (ch) {
case 'a':
do_acct = 1;
@@ -6128,6 +6127,10 @@ ipfw_main(int oldac, char **oldav)
help();
break; /* NOTREACHED */
+ case 'i':
+ do_value_as_ip = 1;
+ break;
+
case 'n':
test_only = 1;
break;
OpenPOWER on IntegriCloud