mirror of
https://git.FreeBSD.org/src.git
synced 2025-01-01 12:19:28 +00:00
Support interface names up to 15 characters in length. In order to
accommodate the expanded name, the ICMP types bitmap has been reduced from 256 bits to 32. A recompile of kernel and user level ipfw is required. To be merged into 2.2 after a brief period in -current. PR: bin/4209 Reviewed by: Archie Cobbs <archie@whistle.com>
This commit is contained in:
Alexander Langer
parent
236d2f5583
commit
750f6aad7b
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/head/; revision=27981
@ -16,7 +16,7 @@
|
||||
*
|
||||
* NEW command line interface for IP firewall facility
|
||||
*
|
||||
* $Id: ipfw.c,v 1.45 1997/06/23 22:32:13 julian Exp $
|
||||
* $Id: ipfw.c,v 1.46 1997/07/25 03:13:46 brian Exp $
|
||||
*
|
||||
*/
|
||||
|
||||
@ -384,7 +384,7 @@ show_ipfw(struct ip_fw *chain)
|
||||
|
||||
printf(" icmptype");
|
||||
|
||||
for (type_index = 0; type_index < 256; ++type_index)
|
||||
for (type_index = 0; type_index < IP_FW_ICMPTYPES_DIM * sizeof(unsigned) * 8; ++type_index)
|
||||
if (chain->fw_icmptypes[type_index / (sizeof(unsigned) * 8)] &
|
||||
(1U << (type_index % (sizeof(unsigned) * 8)))) {
|
||||
printf("%c%d", first == 1 ? ' ' : ',', type_index);
|
||||
@ -697,8 +697,8 @@ fill_icmptypes(types, vp, fw_flg)
|
||||
if ( *c != ',' && *c != '\0' )
|
||||
show_usage("invalid ICMP type");
|
||||
|
||||
if (icmptype > 255)
|
||||
show_usage("ICMP types are between 0 and 255 inclusive");
|
||||
if (icmptype >= IP_FW_ICMPTYPES_DIM * sizeof(unsigned) * 8)
|
||||
show_usage("ICMP type out of range");
|
||||
|
||||
types[icmptype / (sizeof(unsigned) * 8)] |=
|
||||
1 << (icmptype % (sizeof(unsigned) * 8));
|
||||
|
||||
@ -11,12 +11,14 @@
|
||||
*
|
||||
* This software is provided ``AS IS'' without any warranties of any kind.
|
||||
*
|
||||
* $Id: ip_fw.h,v 1.1 1997/05/09 17:46:45 archie Exp $
|
||||
* $Id: ip_fw.h,v 1.27 1997/06/02 05:02:36 julian Exp $
|
||||
*/
|
||||
|
||||
#ifndef _IP_FW_H
|
||||
#define _IP_FW_H
|
||||
|
||||
#include <net/if.h>
|
||||
|
||||
/*
|
||||
* This union structure identifies an interface, either explicitly
|
||||
* by name or implicitly by IP address. The flags IP_FW_F_IIFNAME
|
||||
@ -33,7 +35,7 @@
|
||||
union ip_fw_if {
|
||||
struct in_addr fu_via_ip; /* Specified by IP address */
|
||||
struct { /* Specified by interface name */
|
||||
#define FW_IFNLEN 6 /* To keep structure on 2^x boundary */
|
||||
#define FW_IFNLEN IFNAMSIZ
|
||||
char name[FW_IFNLEN];
|
||||
short unit; /* -1 means match any unit */
|
||||
} fu_via_if;
|
||||
@ -58,7 +60,7 @@ struct ip_fw {
|
||||
u_short fw_pts[IP_FW_MAX_PORTS]; /* Array of port numbers to match */
|
||||
u_char fw_ipopt,fw_ipnopt; /* IP options set/unset */
|
||||
u_char fw_tcpf,fw_tcpnf; /* TCP flags set/unset */
|
||||
#define IP_FW_ICMPTYPES_DIM (256 / (sizeof(unsigned) * 8))
|
||||
#define IP_FW_ICMPTYPES_DIM (32 / (sizeof(unsigned) * 8))
|
||||
unsigned fw_icmptypes[IP_FW_ICMPTYPES_DIM]; /* ICMP types bitmap */
|
||||
long timestamp; /* timestamp (tv_sec) of last match */
|
||||
union ip_fw_if fw_in_if, fw_out_if; /* Incoming and outgoing interfaces */
|
||||
|
||||
Loading…
Reference in New Issue
Block a user