Bug #2739: 'ipfw set show' did not show correct disabled set - DragonFlyBSD - DragonFlyBSD bugtracker

Actions

Copy link

Bug #2739

closed

'ipfw set show' did not show correct disabled set

Added by bycn82 almost 10 years ago.

Status:

Resolved

Priority:

Low

Assignee:

Category:

Networking

Target version:

3.8

Start date:

11/25/2014

Due date:

% Done:

Estimated time:

Description

Steps to replicate the issue:

1.ipfw -f flush
2.ipfw set disable 2
3.ipfw set show << correct result
4.ipfw add allow icmp
5.ipfw set show << wroug here!!!

Reason:
When the rule is not empty, the ipfw is not able to get the rules from kernel space because of backend logic problem.

Fix:

@ -1435,14 +876,22 @ sets_handler(int ac, char *av[])
if (!strncmp(*av, "show", strlen(*av)) ) {
void *data;
char *msg;

nbytes = sizeof(struct ipfw_ioc_rule);
- if ((data = malloc(nbytes)) == NULL)
- err(EX_OSERR, "malloc");
- if (getsockopt(s, IPPROTO_IP, IP_FW_GET, data, &nbytes) < 0)
- err(EX_OSERR, "getsockopt(IP_FW_GET)");
+ int nalloc=1024;
+ nbytes = nalloc;
+ if ((data = malloc(nbytes)) == NULL){
+ err(EX_OSERR, "malloc");
+ }
+ while (nbytes >= nalloc) {
+ nalloc = nalloc * 2+512;
+ nbytes = nalloc;
+ if ((data = realloc(data, nbytes)) == NULL){
+ err(EX_OSERR, "realloc");
+ }
+ if (getsockopt(s, IPPROTO_IP, IP_FW_GET, data, &nbytes) < 0){
+ err(EX_OSERR, "getsockopt(IP_FW_GET)");
+ }
+ }

No data to display

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

DragonFlyBSD

Bug #2739

'ipfw set show' did not show correct disabled set