From Mark_Andrews@isc.org  Fri Jun  2 03:16:35 2006
Return-Path: <Mark_Andrews@isc.org>
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 61CAF16A8A6
	for <FreeBSD-gnats-submit@freebsd.org>; Fri,  2 Jun 2006 03:16:35 +0000 (UTC)
	(envelope-from Mark_Andrews@isc.org)
Received: from farside.isc.org (farside.isc.org [204.152.187.5])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 1B07D43D46
	for <FreeBSD-gnats-submit@freebsd.org>; Fri,  2 Jun 2006 03:16:35 +0000 (GMT)
	(envelope-from Mark_Andrews@isc.org)
Received: from drugs.dv.isc.org (localhost.isc.org [IPv6:::1])
	(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by farside.isc.org (Postfix) with ESMTP id 67748E6031
	for <FreeBSD-gnats-submit@freebsd.org>; Fri,  2 Jun 2006 03:16:34 +0000 (UTC)
	(envelope-from marka@isc.org)
Received: from drugs.dv.isc.org (localhost [127.0.0.1])
	by drugs.dv.isc.org (8.13.4/8.13.4) with ESMTP id k523GUcD044991
	for <FreeBSD-gnats-submit@freebsd.org>; Fri, 2 Jun 2006 13:16:30 +1000 (EST)
	(envelope-from marka@drugs.dv.isc.org)
Received: (from marka@localhost)
	by drugs.dv.isc.org (8.13.4/8.13.4/Submit) id k523GUGC044990;
	Fri, 2 Jun 2006 13:16:30 +1000 (EST)
	(envelope-from marka)
Message-Id: <200606020316.k523GUGC044990@drugs.dv.isc.org>
Date: Fri, 2 Jun 2006 13:16:30 +1000 (EST)
From: Mark Andrews <Mark_Andrews@isc.org>
Reply-To: Mark Andrews <Mark_Andrews@isc.org>
To: FreeBSD-gnats-submit@freebsd.org
Cc:
Subject: ipfw does not display dynamic IPv6 rules [patch]
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         98349
>Category:       bin
>Synopsis:       [ipfw] [patch] ipfw does not display dynamic IPv6 rules
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    oleg
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Fri Jun 02 03:20:14 GMT 2006
>Closed-Date:    Sat Jun 24 09:05:37 GMT 2006
>Last-Modified:  Sat Jun 24 09:05:37 GMT 2006
>Originator:     Mark Andrews
>Release:        FreeBSD 6.1-PRERELEASE i386
>Organization:
ISC
>Environment:
System: FreeBSD drugs.dv.isc.org 6.1-PRERELEASE FreeBSD 6.1-PRERELEASE #4: Fri Mar 24 10:55:39 EST 2006 marka@drugs.dv.isc.org:/usr/obj/usr/src/sys/DRUGS i386


>Description:

	ipfw does not display dynamic IPv6 rules

>How-To-Repeat:

	Add a rule like this 

// support traceroute
add 4500 set 1 pass udp from { me or me6 } to any keep-state out

	run traceroute6 to some destination.

	run "ipfw -d list"

>Fix:


--- /home/marka/ipfw2.c	Fri Jun  2 13:11:11 2006
+++ ipfw2.c	Fri Jun  2 13:03:39 2006
@@ -17,7 +17,7 @@
  *
  * NEW command line interface for IP firewall facility
  *
- * $FreeBSD: /repoman/r/ncvs/src/sbin/ipfw/ipfw2.c,v 1.76.2.6 2006/03/09 09:18:37 ume Exp $
+ * $FreeBSD: src/sbin/ipfw/ipfw2.c,v 1.76.2.6 2006/03/09 09:18:37 ume Exp $
  */
 
 #include <sys/param.h>
@@ -1931,6 +1931,7 @@
 	struct protoent *pe;
 	struct in_addr a;
 	uint16_t rulenum;
+	char buf[sizeof("xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:123.123.123.123")];
 
 	if (!do_expired) {
 		if (!d->expire && !(d->dyn_type == O_LIMIT_PARENT))
@@ -1959,11 +1960,21 @@
 	else
 		printf(" proto %u", d->id.proto);
 
-	a.s_addr = htonl(d->id.src_ip);
-	printf(" %s %d", inet_ntoa(a), d->id.src_port);
-
-	a.s_addr = htonl(d->id.dst_ip);
-	printf(" <-> %s %d", inet_ntoa(a), d->id.dst_port);
+	if (d->id.addr_type == 4) {
+		a.s_addr = htonl(d->id.src_ip);
+		printf(" %s %d", inet_ntoa(a), d->id.src_port);
+
+		a.s_addr = htonl(d->id.dst_ip);
+		printf(" <-> %s %d", inet_ntoa(a), d->id.dst_port);
+	} else if (d->id.addr_type == 6) {
+		printf(" %s %d",
+		       inet_ntop(AF_INET6, &d->id.src_ip6, buf, sizeof(buf)),
+		       d->id.src_port);
+		printf(" <-> %s %d",
+	               inet_ntop(AF_INET6, &d->id.dst_ip6, buf, sizeof(buf)),
+		       d->id.dst_port);
+	} else
+		printf("UNKNOWN <-> UNKNOWN");
 	printf("\n");
 }
 

>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-bugs->freebsd-ipfw 
Responsible-Changed-By: linimon 
Responsible-Changed-When: Fri Jun 2 03:53:46 UTC 2006 
Responsible-Changed-Why:  
Over to maintainer(s). 

http://www.freebsd.org/cgi/query-pr.cgi?pr=98349 
Responsible-Changed-From-To: freebsd-ipfw->mlaier 
Responsible-Changed-By: mlaier 
Responsible-Changed-When: Fri Jun 2 03:58:35 UTC 2006 
Responsible-Changed-Why:  
I'll take care of this as part of the ip6fw removal crusade. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=98349 
State-Changed-From-To: open->patched 
State-Changed-By: mlaier 
State-Changed-When: Fri Jun 2 05:19:11 UTC 2006 
State-Changed-Why:  
Committed as rev. 1.90, MFC in 2 weeks.  Thanks. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=98349 
Responsible-Changed-From-To: mlaier->oleg 
Responsible-Changed-By: mlaier 
Responsible-Changed-When: Mon Jun 19 19:59:38 UTC 2006 
Responsible-Changed-Why:  
Oleg will MFC this together with a follow-up commit.  Thanks. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=98349 
State-Changed-From-To: patched->closed 
State-Changed-By: oleg 
State-Changed-When: Sat Jun 24 09:04:18 UTC 2006 
State-Changed-Why:  
Just MFCed changes to RELENG_6. 
Thank you for your report. 


http://www.freebsd.org/cgi/query-pr.cgi?pr=98349 
>Unformatted:
