From nobody@FreeBSD.org  Wed Sep  3 02:43:00 2008
Return-Path: <nobody@FreeBSD.org>
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id EDD1F1065675
	for <freebsd-gnats-submit@FreeBSD.org>; Wed,  3 Sep 2008 02:43:00 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (www.freebsd.org [IPv6:2001:4f8:fff6::21])
	by mx1.freebsd.org (Postfix) with ESMTP id DF27C8FC08
	for <freebsd-gnats-submit@FreeBSD.org>; Wed,  3 Sep 2008 02:43:00 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (localhost [127.0.0.1])
	by www.freebsd.org (8.14.2/8.14.2) with ESMTP id m832h0Vc013634
	for <freebsd-gnats-submit@FreeBSD.org>; Wed, 3 Sep 2008 02:43:00 GMT
	(envelope-from nobody@www.freebsd.org)
Received: (from nobody@localhost)
	by www.freebsd.org (8.14.2/8.14.1/Submit) id m832h0un013633;
	Wed, 3 Sep 2008 02:43:00 GMT
	(envelope-from nobody)
Message-Id: <200809030243.m832h0un013633@www.freebsd.org>
Date: Wed, 3 Sep 2008 02:43:00 GMT
From: Ganbold <ganbold@FreeBSD.org>
To: freebsd-gnats-submit@FreeBSD.org
Subject: add "all" command line option to ipfw table listing
X-Send-Pr-Version: www-3.1
X-GNATS-Notify:

>Number:         127058
>Category:       bin
>Synopsis:       [patch] add "all" command line option to ipfw(8) table listing
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    rik
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Wed Sep 03 02:50:00 UTC 2008
>Closed-Date:    Tue Sep 30 04:09:23 UTC 2008
>Last-Modified:  Tue Sep 30 04:09:23 UTC 2008
>Originator:     Ganbold
>Release:        RELENG_7
>Organization:
>Environment:
>Description:
Following patches add possibility to list IP addresses from all defined ipfw tables.

For example:

v02# ipfw table all list
---table(1)---
202.179.18.7/32 0
202.179.27.132/32 0
208.48.2.0/24 0
---table(2)---
202.72.244.226/32 0
---table(3)---
61.222.9.212/32 0
74.53.215.0/24 0
75.125.150.0/24 0
75.125.150.18/32 0
75.126.214.0/24 0
121.156.57.4/32 0
163.29.176.20/32 0
212.37.111.0/24 0
---table(4)---
64.202.163.213/32 0
---table(5)---
165.146.30.119/32 0
196.207.13.5/32 0
..

Patches are fully tested on RELENG_7 (FreeBSD 7.1-PRERELEASE #6:
Wed Sep  3 10:02:27 ULAT 2008).

Also these patches successfully applies to CURRENT.

>How-To-Repeat:

>Fix:
--- ip_fw2.c.orig	2008-08-20 03:58:42.000000000 +0800
+++ ip_fw2.c	2008-09-03 09:53:29.000000000 +0800
@@ -254,7 +254,10 @@
 static u_int32_t static_len;	/* size in bytes of static rules */
 static u_int32_t dyn_count;		/* # of dynamic rules */
 static u_int32_t dyn_max = 4096;	/* max # of dynamic rules */
+static u_int32_t tables_max = IPFW_TABLES_MAX;	/* max # of tables */
 
+SYSCTL_INT(_net_inet_ip_fw, OID_AUTO, tables_max, CTLFLAG_RD,
+    &tables_max, 0, "Max number of tables");
 SYSCTL_INT(_net_inet_ip_fw, OID_AUTO, dyn_buckets, CTLFLAG_RW,
     &dyn_buckets, 0, "Number of dyn. buckets");
 SYSCTL_INT(_net_inet_ip_fw, OID_AUTO, curr_dyn_buckets, CTLFLAG_RD,




--- ipfw2.c.orig	2008-09-03 09:58:22.000000000 +0800
+++ ipfw2.c	2008-09-03 10:19:20.000000000 +0800
@@ -5860,22 +5860,27 @@
  * 	ipfw table N add addr[/masklen] [value]
  * 	ipfw table N delete addr[/masklen]
  * 	ipfw table N flush
- * 	ipfw table N list
+ * 	ipfw table N|all list
  */
 static void
 table_handler(int ac, char *av[])
 {
 	ipfw_table_entry ent;
 	ipfw_table *tbl;
-	int do_add;
+	int do_add, is_all = 0;
 	char *p;
 	socklen_t l;
-	uint32_t a;
+	uint32_t a, b, c;
+	size_t len;
 
 	ac--; av++;
 	if (ac && isdigit(**av)) {
 		ent.tbl = atoi(*av);
 		ac--; av++;
+	} else if (_substrcmp(*av, "all") == 0) {
+		ent.tbl = 0;
+		is_all = 1;
+		ac--; av++;
 	} else
 		errx(EX_USAGE, "table number required");
 	NEED1("table needs command");
@@ -5931,33 +5936,48 @@
 		if (do_cmd(IP_FW_TABLE_FLUSH, &ent.tbl, sizeof(ent.tbl)) < 0)
 			err(EX_OSERR, "setsockopt(IP_FW_TABLE_FLUSH)");
 	} else if (_substrcmp(*av, "list") == 0) {
-		a = ent.tbl;
-		l = sizeof(a);
-		if (do_cmd(IP_FW_TABLE_GETSIZE, &a, (uintptr_t)&l) < 0)
-			err(EX_OSERR, "getsockopt(IP_FW_TABLE_GETSIZE)");
-		l = sizeof(*tbl) + a * sizeof(ipfw_table_entry);
-		tbl = malloc(l);
-		if (tbl == NULL)
-			err(EX_OSERR, "malloc");
-		tbl->tbl = ent.tbl;
-		if (do_cmd(IP_FW_TABLE_LIST, tbl, (uintptr_t)&l) < 0)
-			err(EX_OSERR, "getsockopt(IP_FW_TABLE_LIST)");
-		for (a = 0; a < tbl->cnt; a++) {
-			unsigned int tval;
-			tval = tbl->ent[a].value;
-			if (do_value_as_ip) {
-			    char tbuf[128];
-			    strncpy(tbuf, inet_ntoa(*(struct in_addr *)
-				&tbl->ent[a].addr), 127);
-			    /* inet_ntoa expects network order */
-			    tval = htonl(tval);
-			    printf("%s/%u %s\n", tbuf, tbl->ent[a].masklen,
-			        inet_ntoa(*(struct in_addr *)&tval));
-			} else {
-			    printf("%s/%u %u\n",
-			        inet_ntoa(*(struct in_addr *)&tbl->ent[a].addr),
-			        tbl->ent[a].masklen, tval);
+		c = ent.tbl;
+		if (is_all) {
+	                len = sizeof(uint32_t);
+			/* get IPFW_TABLES_MAX */
+        	        if (sysctlbyname("net.inet.ip.fw.tables_max",
+                	        &c, &len, NULL, 0) == -1)
+	                    errx(1, "sysctlbyname(\"%s\")",
+        	                "net.inet.ip.fw.tables_max");
+			c -= 1;
+		}
+		for (b = ent.tbl; b <= c; b++) {
+			a = b;
+			l = sizeof(b);
+			if (do_cmd(IP_FW_TABLE_GETSIZE, &a, (uintptr_t)&l) < 0)
+				err(EX_OSERR, "getsockopt(IP_FW_TABLE_GETSIZE)");
+			l = sizeof(*tbl) + a * sizeof(ipfw_table_entry);
+			tbl = malloc(l);
+			if (tbl == NULL)
+				err(EX_OSERR, "malloc");
+			tbl->tbl = b;
+			if (do_cmd(IP_FW_TABLE_LIST, tbl, (uintptr_t)&l) < 0)
+				err(EX_OSERR, "getsockopt(IP_FW_TABLE_LIST)");
+			if (tbl->cnt && is_all)
+				printf("---table(%d)---\n", b);
+			for (a = 0; a < tbl->cnt; a++) {
+				unsigned int tval;
+				tval = tbl->ent[a].value;
+				if (do_value_as_ip) {
+				    char tbuf[128];
+				    strncpy(tbuf, inet_ntoa(*(struct in_addr *)
+					&tbl->ent[a].addr), 127);
+				    /* inet_ntoa expects network order */
+				    tval = htonl(tval);
+				    printf("%s/%u %s\n", tbuf, tbl->ent[a].masklen,
+				        inet_ntoa(*(struct in_addr *)&tval));
+				} else {
+				    printf("%s/%u %u\n",
+				        inet_ntoa(*(struct in_addr *)&tbl->ent[a].addr),
+			        	tbl->ent[a].masklen, tval);
+				}
 			}
+			free(tbl);
 		}
 	} else
 		errx(EX_USAGE, "invalid table command %s", *av);





--- ipfw.8-original	2008-09-01 17:08:35.000000000 +0800
+++ ipfw.8	2008-09-03 10:26:07.000000000 +0800
@@ -51,7 +51,9 @@
 .Nm
 .Cm table Ar number Cm flush
 .Nm
-.Cm table Ar number Cm list
+.Cm table
+.Brq Ar number | all 
+.Cm list
 .Pp
 .Nm
 .Brq Cm pipe | queue




>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-bugs->freebsd-ipfw 
Responsible-Changed-By: linimon 
Responsible-Changed-When: Wed Sep 3 03:19:50 UTC 2008 
Responsible-Changed-Why:  
Over to maintainer(s). 

http://www.freebsd.org/cgi/query-pr.cgi?pr=127058 

From: ganbold <ganbold@freebsd.org>
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: bin/127058: add "all" command line option to ipfw table listing
Date: Wed, 03 Sep 2008 11:45:06 +0800

 I guess more complete ipfw(8) part of patch is here:
 
 --- ipfw.8-original    2008-09-01 17:08:35.000000000 +0800
 +++ ipfw.8    2008-09-03 11:33:30.000000000 +0800
 @@ -51,7 +51,9 @@
  .Nm
  .Cm table Ar number Cm flush
  .Nm
 -.Cm table Ar number Cm list
 +.Cm table
 +.Brq Ar number | all
 +.Cm list
  .Pp
  .Nm
  .Brq Cm pipe | queue
 @@ -2207,6 +2209,8 @@
  .It Em net.inet.ip.fw.debug : No 1
  Controls debugging messages produced by
  .Nm .
 +.It Em net.inet.ip.fw.tables_max : No 128
 +Maximum number of tables.
  .It Em net.inet.ip.fw.dyn_buckets : No 256
  The number of buckets in the hash table for dynamic rules.
  Must be a power of 2, up to 65536.
 
 thanks,
 
 Ganbold
 
 
 Ganbold wrote:
 >> Number:         127058
 >> Category:       bin
 >> Synopsis:       add "all" command line option to ipfw table listing
 >> Confidential:   no
 >> Severity:       non-critical
 >> Priority:       low
 >> Responsible:    freebsd-bugs
 >> State:          open
 >> Quarter:        
 >> Keywords:       
 >> Date-Required:
 >> Class:          sw-bug
 >> Submitter-Id:   current-users
 >> Arrival-Date:   Wed Sep 03 02:50:00 UTC 2008
 >> Closed-Date:
 >> Last-Modified:
 >> Originator:     Ganbold
 >> Release:        RELENG_7
 >> Organization:
 >> Environment:
 >> Description:
 >>     
 > Following patches add possibility to list IP addresses from all defined ipfw tables.
 >
 > For example:
 >
 > v02# ipfw table all list
 > ---table(1)---
 > 202.179.18.7/32 0
 > 202.179.27.132/32 0
 > 208.48.2.0/24 0
 > ---table(2)---
 > 202.72.244.226/32 0
 > ---table(3)---
 > 61.222.9.212/32 0
 > 74.53.215.0/24 0
 > 75.125.150.0/24 0
 > 75.125.150.18/32 0
 > 75.126.214.0/24 0
 > 121.156.57.4/32 0
 > 163.29.176.20/32 0
 > 212.37.111.0/24 0
 > ---table(4)---
 > 64.202.163.213/32 0
 > ---table(5)---
 > 165.146.30.119/32 0
 > 196.207.13.5/32 0
 > .
 >
 > Patches are fully tested on RELENG_7 (FreeBSD 7.1-PRERELEASE #6: Wed Sep  3 10:02:27 ULAT 2008).
 >
 > Also these patches successfully applies to CURRENT.
 >
 >   
 >> How-To-Repeat:
 >>     
 >
 >   
 >> Fix:
 >>     
 > --- ip_fw2.c.orig	2008-08-20 03:58:42.000000000 +0800
 > +++ ip_fw2.c	2008-09-03 09:53:29.000000000 +0800
 > @@ -254,7 +254,10 @@
 >  static u_int32_t static_len;	/* size in bytes of static rules */
 >  static u_int32_t dyn_count;		/* # of dynamic rules */
 >  static u_int32_t dyn_max = 4096;	/* max # of dynamic rules */
 > +static u_int32_t tables_max = IPFW_TABLES_MAX;	/* max # of tables */
 >  
 > +SYSCTL_INT(_net_inet_ip_fw, OID_AUTO, tables_max, CTLFLAG_RD,
 > +    &tables_max, 0, "Max number of tables");
 >  SYSCTL_INT(_net_inet_ip_fw, OID_AUTO, dyn_buckets, CTLFLAG_RW,
 >      &dyn_buckets, 0, "Number of dyn. buckets");
 >  SYSCTL_INT(_net_inet_ip_fw, OID_AUTO, curr_dyn_buckets, CTLFLAG_RD,
 >
 >
 >
 >
 > --- ipfw2.c.orig	2008-09-03 09:58:22.000000000 +0800
 > +++ ipfw2.c	2008-09-03 10:19:20.000000000 +0800
 > @@ -5860,22 +5860,27 @@
 >   * 	ipfw table N add addr[/masklen] [value]
 >   * 	ipfw table N delete addr[/masklen]
 >   * 	ipfw table N flush
 > - * 	ipfw table N list
 > + * 	ipfw table N|all list
 >   */
 >  static void
 >  table_handler(int ac, char *av[])
 >  {
 >  	ipfw_table_entry ent;
 >  	ipfw_table *tbl;
 > -	int do_add;
 > +	int do_add, is_all = 0;
 >  	char *p;
 >  	socklen_t l;
 > -	uint32_t a;
 > +	uint32_t a, b, c;
 > +	size_t len;
 >  
 >  	ac--; av++;
 >  	if (ac && isdigit(**av)) {
 >  		ent.tbl = atoi(*av);
 >  		ac--; av++;
 > +	} else if (_substrcmp(*av, "all") == 0) {
 > +		ent.tbl = 0;
 > +		is_all = 1;
 > +		ac--; av++;
 >  	} else
 >  		errx(EX_USAGE, "table number required");
 >  	NEED1("table needs command");
 > @@ -5931,33 +5936,48 @@
 >  		if (do_cmd(IP_FW_TABLE_FLUSH, &ent.tbl, sizeof(ent.tbl)) < 0)
 >  			err(EX_OSERR, "setsockopt(IP_FW_TABLE_FLUSH)");
 >  	} else if (_substrcmp(*av, "list") == 0) {
 > -		a = ent.tbl;
 > -		l = sizeof(a);
 > -		if (do_cmd(IP_FW_TABLE_GETSIZE, &a, (uintptr_t)&l) < 0)
 > -			err(EX_OSERR, "getsockopt(IP_FW_TABLE_GETSIZE)");
 > -		l = sizeof(*tbl) + a * sizeof(ipfw_table_entry);
 > -		tbl = malloc(l);
 > -		if (tbl == NULL)
 > -			err(EX_OSERR, "malloc");
 > -		tbl->tbl = ent.tbl;
 > -		if (do_cmd(IP_FW_TABLE_LIST, tbl, (uintptr_t)&l) < 0)
 > -			err(EX_OSERR, "getsockopt(IP_FW_TABLE_LIST)");
 > -		for (a = 0; a < tbl->cnt; a++) {
 > -			unsigned int tval;
 > -			tval = tbl->ent[a].value;
 > -			if (do_value_as_ip) {
 > -			    char tbuf[128];
 > -			    strncpy(tbuf, inet_ntoa(*(struct in_addr *)
 > -				&tbl->ent[a].addr), 127);
 > -			    /* inet_ntoa expects network order */
 > -			    tval = htonl(tval);
 > -			    printf("%s/%u %s\n", tbuf, tbl->ent[a].masklen,
 > -			        inet_ntoa(*(struct in_addr *)&tval));
 > -			} else {
 > -			    printf("%s/%u %u\n",
 > -			        inet_ntoa(*(struct in_addr *)&tbl->ent[a].addr),
 > -			        tbl->ent[a].masklen, tval);
 > +		c = ent.tbl;
 > +		if (is_all) {
 > +	                len = sizeof(uint32_t);
 > +			/* get IPFW_TABLES_MAX */
 > +        	        if (sysctlbyname("net.inet.ip.fw.tables_max",
 > +                	        &c, &len, NULL, 0) == -1)
 > +	                    errx(1, "sysctlbyname(\"%s\")",
 > +        	                "net.inet.ip.fw.tables_max");
 > +			c -= 1;
 > +		}
 > +		for (b = ent.tbl; b <= c; b++) {
 > +			a = b;
 > +			l = sizeof(b);
 > +			if (do_cmd(IP_FW_TABLE_GETSIZE, &a, (uintptr_t)&l) < 0)
 > +				err(EX_OSERR, "getsockopt(IP_FW_TABLE_GETSIZE)");
 > +			l = sizeof(*tbl) + a * sizeof(ipfw_table_entry);
 > +			tbl = malloc(l);
 > +			if (tbl == NULL)
 > +				err(EX_OSERR, "malloc");
 > +			tbl->tbl = b;
 > +			if (do_cmd(IP_FW_TABLE_LIST, tbl, (uintptr_t)&l) < 0)
 > +				err(EX_OSERR, "getsockopt(IP_FW_TABLE_LIST)");
 > +			if (tbl->cnt && is_all)
 > +				printf("---table(%d)---\n", b);
 > +			for (a = 0; a < tbl->cnt; a++) {
 > +				unsigned int tval;
 > +				tval = tbl->ent[a].value;
 > +				if (do_value_as_ip) {
 > +				    char tbuf[128];
 > +				    strncpy(tbuf, inet_ntoa(*(struct in_addr *)
 > +					&tbl->ent[a].addr), 127);
 > +				    /* inet_ntoa expects network order */
 > +				    tval = htonl(tval);
 > +				    printf("%s/%u %s\n", tbuf, tbl->ent[a].masklen,
 > +				        inet_ntoa(*(struct in_addr *)&tval));
 > +				} else {
 > +				    printf("%s/%u %u\n",
 > +				        inet_ntoa(*(struct in_addr *)&tbl->ent[a].addr),
 > +			        	tbl->ent[a].masklen, tval);
 > +				}
 >  			}
 > +			free(tbl);
 >  		}
 >  	} else
 >  		errx(EX_USAGE, "invalid table command %s", *av);
 >
 >
 >
 >
 >
 > --- ipfw.8-original	2008-09-01 17:08:35.000000000 +0800
 > +++ ipfw.8	2008-09-03 10:26:07.000000000 +0800
 > @@ -51,7 +51,9 @@
 >  .Nm
 >  .Cm table Ar number Cm flush
 >  .Nm
 > -.Cm table Ar number Cm list
 > +.Cm table
 > +.Brq Ar number | all 
 > +.Cm list
 >  .Pp
 >  .Nm
 >  .Brq Cm pipe | queue
 >
 >
 >
 >
 >   
 >> Release-Note:
 >> Audit-Trail:
 >> Unformatted:
 >>     
 > _______________________________________________
 > freebsd-bugs@freebsd.org mailing list
 > http://lists.freebsd.org/mailman/listinfo/freebsd-bugs
 > To unsubscribe, send any mail to "freebsd-bugs-unsubscribe@freebsd.org"
 >
 >
 >
 >   
 
 -- 
 The difference between a misfortune and a calamity? If Gladstone fell 
 into the Thames, it would be a misfortune. But if someone dragged him 
 out again, it would be a calamity. -- Benjamin Disraeli

From: Ganbold <ganbold@micom.mng.net>
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: bin/127058: add "all" command line option to ipfw table listing
Date: Wed, 03 Sep 2008 19:26:19 +0800

 The patches are at:
 
 http://www.mnbsd.org/ganbold/ip_fw2.c.patch
 http://www.mnbsd.org/ganbold/ipfw.8.patch
 http://www.mnbsd.org/ganbold/ipfw2.c.patch
 
 thanks,
 
 Ganbold
 
 
 Ganbold wrote:
 >> Number:         127058
 >> Category:       bin
 >> Synopsis:       add "all" command line option to ipfw table listing
 >> Confidential:   no
 >> Severity:       non-critical
 >> Priority:       low
 >> Responsible:    freebsd-bugs
 >> State:          open
 >> Quarter:        
 >> Keywords:       
 >> Date-Required:
 >> Class:          sw-bug
 >> Submitter-Id:   current-users
 >> Arrival-Date:   Wed Sep 03 02:50:00 UTC 2008
 >> Closed-Date:
 >> Last-Modified:
 >> Originator:     Ganbold
 >> Release:        RELENG_7
 >> Organization:
 >> Environment:
 >> Description:
 >>     
 > Following patches add possibility to list IP addresses from all defined ipfw tables.
 >
 > For example:
 >
 > v02# ipfw table all list
 > ---table(1)---
 > 202.179.18.7/32 0
 > 202.179.27.132/32 0
 > 208.48.2.0/24 0
 > ---table(2)---
 > 202.72.244.226/32 0
 > ---table(3)---
 > 61.222.9.212/32 0
 > 74.53.215.0/24 0
 > 75.125.150.0/24 0
 > 75.125.150.18/32 0
 > 75.126.214.0/24 0
 > 121.156.57.4/32 0
 > 163.29.176.20/32 0
 > 212.37.111.0/24 0
 > ---table(4)---
 > 64.202.163.213/32 0
 > ---table(5)---
 > 165.146.30.119/32 0
 > 196.207.13.5/32 0
 > .
 >
 > Patches are fully tested on RELENG_7 (FreeBSD 7.1-PRERELEASE #6: Wed Sep  3 10:02:27 ULAT 2008).
 >
 > Also these patches successfully applies to CURRENT.
 >
 >   
 >> How-To-Repeat:
 >>     
 >
 >   
 >> Fix:
 >>     
 > --- ip_fw2.c.orig	2008-08-20 03:58:42.000000000 +0800
 > +++ ip_fw2.c	2008-09-03 09:53:29.000000000 +0800
 > @@ -254,7 +254,10 @@
 >  static u_int32_t static_len;	/* size in bytes of static rules */
 >  static u_int32_t dyn_count;		/* # of dynamic rules */
 >  static u_int32_t dyn_max = 4096;	/* max # of dynamic rules */
 > +static u_int32_t tables_max = IPFW_TABLES_MAX;	/* max # of tables */
 >  
 > +SYSCTL_INT(_net_inet_ip_fw, OID_AUTO, tables_max, CTLFLAG_RD,
 > +    &tables_max, 0, "Max number of tables");
 >  SYSCTL_INT(_net_inet_ip_fw, OID_AUTO, dyn_buckets, CTLFLAG_RW,
 >      &dyn_buckets, 0, "Number of dyn. buckets");
 >  SYSCTL_INT(_net_inet_ip_fw, OID_AUTO, curr_dyn_buckets, CTLFLAG_RD,
 >
 >
 >
 >
 > --- ipfw2.c.orig	2008-09-03 09:58:22.000000000 +0800
 > +++ ipfw2.c	2008-09-03 10:19:20.000000000 +0800
 > @@ -5860,22 +5860,27 @@
 >   * 	ipfw table N add addr[/masklen] [value]
 >   * 	ipfw table N delete addr[/masklen]
 >   * 	ipfw table N flush
 > - * 	ipfw table N list
 > + * 	ipfw table N|all list
 >   */
 >  static void
 >  table_handler(int ac, char *av[])
 >  {
 >  	ipfw_table_entry ent;
 >  	ipfw_table *tbl;
 > -	int do_add;
 > +	int do_add, is_all = 0;
 >  	char *p;
 >  	socklen_t l;
 > -	uint32_t a;
 > +	uint32_t a, b, c;
 > +	size_t len;
 >  
 >  	ac--; av++;
 >  	if (ac && isdigit(**av)) {
 >  		ent.tbl = atoi(*av);
 >  		ac--; av++;
 > +	} else if (_substrcmp(*av, "all") == 0) {
 > +		ent.tbl = 0;
 > +		is_all = 1;
 > +		ac--; av++;
 >  	} else
 >  		errx(EX_USAGE, "table number required");
 >  	NEED1("table needs command");
 > @@ -5931,33 +5936,48 @@
 >  		if (do_cmd(IP_FW_TABLE_FLUSH, &ent.tbl, sizeof(ent.tbl)) < 0)
 >  			err(EX_OSERR, "setsockopt(IP_FW_TABLE_FLUSH)");
 >  	} else if (_substrcmp(*av, "list") == 0) {
 > -		a = ent.tbl;
 > -		l = sizeof(a);
 > -		if (do_cmd(IP_FW_TABLE_GETSIZE, &a, (uintptr_t)&l) < 0)
 > -			err(EX_OSERR, "getsockopt(IP_FW_TABLE_GETSIZE)");
 > -		l = sizeof(*tbl) + a * sizeof(ipfw_table_entry);
 > -		tbl = malloc(l);
 > -		if (tbl == NULL)
 > -			err(EX_OSERR, "malloc");
 > -		tbl->tbl = ent.tbl;
 > -		if (do_cmd(IP_FW_TABLE_LIST, tbl, (uintptr_t)&l) < 0)
 > -			err(EX_OSERR, "getsockopt(IP_FW_TABLE_LIST)");
 > -		for (a = 0; a < tbl->cnt; a++) {
 > -			unsigned int tval;
 > -			tval = tbl->ent[a].value;
 > -			if (do_value_as_ip) {
 > -			    char tbuf[128];
 > -			    strncpy(tbuf, inet_ntoa(*(struct in_addr *)
 > -				&tbl->ent[a].addr), 127);
 > -			    /* inet_ntoa expects network order */
 > -			    tval = htonl(tval);
 > -			    printf("%s/%u %s\n", tbuf, tbl->ent[a].masklen,
 > -			        inet_ntoa(*(struct in_addr *)&tval));
 > -			} else {
 > -			    printf("%s/%u %u\n",
 > -			        inet_ntoa(*(struct in_addr *)&tbl->ent[a].addr),
 > -			        tbl->ent[a].masklen, tval);
 > +		c = ent.tbl;
 > +		if (is_all) {
 > +	                len = sizeof(uint32_t);
 > +			/* get IPFW_TABLES_MAX */
 > +        	        if (sysctlbyname("net.inet.ip.fw.tables_max",
 > +                	        &c, &len, NULL, 0) == -1)
 > +	                    errx(1, "sysctlbyname(\"%s\")",
 > +        	                "net.inet.ip.fw.tables_max");
 > +			c -= 1;
 > +		}
 > +		for (b = ent.tbl; b <= c; b++) {
 > +			a = b;
 > +			l = sizeof(b);
 > +			if (do_cmd(IP_FW_TABLE_GETSIZE, &a, (uintptr_t)&l) < 0)
 > +				err(EX_OSERR, "getsockopt(IP_FW_TABLE_GETSIZE)");
 > +			l = sizeof(*tbl) + a * sizeof(ipfw_table_entry);
 > +			tbl = malloc(l);
 > +			if (tbl == NULL)
 > +				err(EX_OSERR, "malloc");
 > +			tbl->tbl = b;
 > +			if (do_cmd(IP_FW_TABLE_LIST, tbl, (uintptr_t)&l) < 0)
 > +				err(EX_OSERR, "getsockopt(IP_FW_TABLE_LIST)");
 > +			if (tbl->cnt && is_all)
 > +				printf("---table(%d)---\n", b);
 > +			for (a = 0; a < tbl->cnt; a++) {
 > +				unsigned int tval;
 > +				tval = tbl->ent[a].value;
 > +				if (do_value_as_ip) {
 > +				    char tbuf[128];
 > +				    strncpy(tbuf, inet_ntoa(*(struct in_addr *)
 > +					&tbl->ent[a].addr), 127);
 > +				    /* inet_ntoa expects network order */
 > +				    tval = htonl(tval);
 > +				    printf("%s/%u %s\n", tbuf, tbl->ent[a].masklen,
 > +				        inet_ntoa(*(struct in_addr *)&tval));
 > +				} else {
 > +				    printf("%s/%u %u\n",
 > +				        inet_ntoa(*(struct in_addr *)&tbl->ent[a].addr),
 > +			        	tbl->ent[a].masklen, tval);
 > +				}
 >  			}
 > +			free(tbl);
 >  		}
 >  	} else
 >  		errx(EX_USAGE, "invalid table command %s", *av);
 >
 >
 >
 >
 >
 > --- ipfw.8-original	2008-09-01 17:08:35.000000000 +0800
 > +++ ipfw.8	2008-09-03 10:26:07.000000000 +0800
 > @@ -51,7 +51,9 @@
 >  .Nm
 >  .Cm table Ar number Cm flush
 >  .Nm
 > -.Cm table Ar number Cm list
 > +.Cm table
 > +.Brq Ar number | all 
 > +.Cm list
 >  .Pp
 >  .Nm
 >  .Brq Cm pipe | queue
 >
 >
 >
 >
 >   
 >> Release-Note:
 >> Audit-Trail:
 >> Unformatted:
 >>     
 > _______________________________________________
 > freebsd-bugs@freebsd.org mailing list
 > http://lists.freebsd.org/mailman/listinfo/freebsd-bugs
 > To unsubscribe, send any mail to "freebsd-bugs-unsubscribe@freebsd.org"
 >
 >
 >
 >   
 
 -- 
 Only someone with nothing to be sorry for
 smiles back at the rear of an elephant.
Responsible-Changed-From-To: freebsd-ipfw->rik 
Responsible-Changed-By: rik 
Responsible-Changed-When: Mon Sep 8 06:04:48 UTC 2008 
Responsible-Changed-Why:  
I'll take care of it. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=127058 

From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: bin/127058: commit references a PR
Date: Sun, 14 Sep 2008 09:24:37 +0000 (UTC)

 rik         2008-09-14 09:24:12 UTC
 
   FreeBSD src repository
 
   Modified files:
     sys/netinet          ip_fw2.c 
   Log:
   SVN rev 183015 on 2008-09-14 09:24:12Z by rik
   
   Export IPFW_TABLES_MAX via sysctl.  Part of PR: 127058.
   
   PR:             127058
   
   Revision  Changes    Path
   1.193     +2 -0      src/sys/netinet/ip_fw2.c
 _______________________________________________
 cvs-all@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/cvs-all
 To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
 

From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: bin/127058: commit references a PR
Date: Sat, 27 Sep 2008 14:30:55 +0000 (UTC)

 rik         2008-09-27 14:30:34 UTC
 
   FreeBSD src repository
 
   Modified files:
     sbin/ipfw            ipfw2.c 
   Log:
   SVN rev 183407 on 2008-09-27 14:30:34Z by rik
   
   Add keyword all in addtion to the table number for the 'list' and the
   'flush' actions on tables.  Part of PR: 127058.
   
   PR:             127058 (based on)
   MFC after:      1 month
   
   Revision  Changes    Path
   1.129     +29 -8     src/sbin/ipfw/ipfw2.c
 _______________________________________________
 cvs-all@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/cvs-all
 To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
 

From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: bin/127058: commit references a PR
Date: Sat, 27 Sep 2008 15:09:26 +0000 (UTC)

 rik         2008-09-27 15:09:00 UTC
 
   FreeBSD src repository
 
   Modified files:
     sbin/ipfw            ipfw.8 
   Log:
   SVN rev 183408 on 2008-09-27 15:09:00Z by rik
   
   * add all keyword for table list & flush actions.
   * add tables_max sysctl.
   * add default_rule sysctl.
   
   PR:             127058 (partially)
   
   Revision  Changes    Path
   1.217     +14 -3     src/sbin/ipfw/ipfw.8
 _______________________________________________
 cvs-all@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/cvs-all
 To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
 
State-Changed-From-To: open->closed 
State-Changed-By: rik 
State-Changed-When: Tue Sep 30 04:07:57 UTC 2008 
State-Changed-Why:  
All patches are committed. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=127058 
>Unformatted:
