[src/trunk]: src/dist/ipf Fixed Darren's original IPv6 icmp-type patch (rev 1...

To: source-changes-hg%NetBSD.org@localhost
Subject: [src/trunk]: src/dist/ipf Fixed Darren's original IPv6 icmp-type patch (rev 1...
From: martti <martti%NetBSD.org@localhost>
Date: Fri, 24 Jan 2020 10:24:46 +0000

details:   https://anonhg.NetBSD.org/src/rev/12a718b48f7b
branches:  trunk
changeset: 521756:12a718b48f7b
user:      martti <martti%NetBSD.org@localhost>
date:      Mon Feb 04 19:07:47 2002 +0000

description:
Fixed Darren's original IPv6 icmp-type patch (rev 1.8) to display
better error messages if the user tries to use symbolic names such
as "echo" and "echorep" in "ipv6-icmp ... icmp-type ..." rules.

Consider the following rules:

  # cat /etc/ipf6.conf
  pass in quick proto ipv6-icmp from any to any icmp-type 128
  pass in quick proto ipv6-icmp from any to any icmp-type echo

Use of symbolic names give now the following error:

  # ipf -Fa -6f /etc/ipf6.conf
  2: Unknown ICMPv6 type (echo) specified (use numeric value instead)

The first rule with numeric value will work as expected:

  # ipfstat -6hi
  0 pass in quick proto ipv6-icmp from any to any icmp-type 128

NOTE: You MUST use numerical values for ICMPv6 types. See
      /sys/netinet/icmp6.h for available codes!

diffstat:

 dist/ipf/parse.c |  18 ++++++++++++++++--
 1 files changed, 16 insertions(+), 2 deletions(-)

diffs (46 lines):

diff -r af4969d359b7 -r 12a718b48f7b dist/ipf/parse.c
--- a/dist/ipf/parse.c  Mon Feb 04 18:27:38 2002 +0000
+++ b/dist/ipf/parse.c  Mon Feb 04 19:07:47 2002 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: parse.c,v 1.9 2002/02/04 12:00:52 martti Exp $ */
+/*     $NetBSD: parse.c,v 1.10 2002/02/04 19:07:47 martti Exp $        */
 
 /*
  * Copyright (C) 1993-2001 by Darren Reed.
@@ -998,6 +998,10 @@
                                linenum, **cp);
                        return -1;
                }
+       } else if (fp->fr_proto == IPPROTO_ICMPV6) {
+               fprintf(stderr, "%d: Unknown ICMPv6 type (%s) specified "
+                       "(use numeric value instead)\n", linenum, **cp);
+               return -1;
        } else {
                for (t = icmptypes, i = 0; ; t++, i++) {
                        if (!*t)
@@ -1291,7 +1295,7 @@
                        printf(" frag");
                }
        }
-       if (fp->fr_proto == IPPROTO_ICMP && fp->fr_icmpm) {
+       if (fp->fr_proto == IPPROTO_ICMP && fp->fr_icmpm != 0) {
                int     type = fp->fr_icmp, code;
 
                type = ntohs(fp->fr_icmp);
@@ -1305,6 +1309,16 @@
                if (ntohs(fp->fr_icmpm) & 0xff)
                        printf(" code %d", code);
        }
+       if (fp->fr_proto == IPPROTO_ICMPV6 && fp->fr_icmpm != 0) {
+               int     type = fp->fr_icmp, code;
+
+               type = ntohs(fp->fr_icmp);
+               code = type & 0xff;
+               type /= 256;
+               printf(" icmp-type %d", type);
+               if (ntohs(fp->fr_icmpm) & 0xff)
+                       printf(" code %d", code);
+       }
        if (fp->fr_proto == IPPROTO_TCP && (fp->fr_tcpf || fp->fr_tcpfm)) {
                printf(" flags ");
                if (fp->fr_tcpf & ~TCPF_ALL)

Prev by Date: [src/trunk]: src/share/man/man3 While va_{start, arg, end} conform to ISO C90, ...
Next by Date: [src/trunk]: src/libexec/ld.elf_so/arch/sh3 Whitespace cleanup.
Previous by Thread: [src/trunk]: src/share/man/man3 While va_{start, arg, end} conform to ISO C90, ...
Next by Thread: [src/trunk]: src/libexec/ld.elf_so/arch/sh3 Whitespace cleanup.
Indexes:

Home | Main Index | Thread Index | Old Index