Searched hist:117469 (Results 1 - 1 of 1) sorted by relevance
| /freebsd-9.3-release/sbin/ipfw/ | ||
| H A D | ipfw2.c | diff 117469 Sat Jul 12 04:53:16 MDT 2003 luigi In random order: * make the code compile with WARNS=5 (at least on i386), mostly by adding 'const' specifier and replacing "void *" with "char *" in places where pointer arithmetic was used. This also spotted a few places where invalid tests (e.g. uint < 0) were used. * support ranges in "list" and "show" commands. Now you can say ipfw show 100-1000 4000-8000 which is very convenient when you have large rulesets. * implement comments in ipfw commands. These are implemented in the kernel as O_NOP commands (which always match) whose body contains the comment string. In userland, a comment is a C++-style comment: ipfw add allow ip from me to any // i can talk to everybody The choice of '//' versus '#' is somewhat arbitrary, but because the preprocessor/readfile part of ipfw used to strip away '#', I did not want to change this behaviour. If a rule only contains a comment ipfw add 1000 // this rule is just a comment then it is stored as a 'count' rule (this is also to remind the user that scanning through a rule is expensive). * improve handling of flags (still to be completed). ipfw_main() was written thinking of 'one rule per ipfw invocation', and so flags are set and never cleared. With readfile/preprocessor support, this changes and certain flags should be reset on each line. For the time being, only fix handling of '-a' which differentiates the "list" and "show" commands. * rework the preprocessor support -- ipfw_main() already had most of the parsing code, so i have moved in there the only missing bit (stripping away '#' and comments) and removed the parsing from ipfw_readfile(). Also, add some more options (such as -c, -N, -S) to the readfile section. MFC after: 3 days |
Completed in 118 milliseconds