X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=ipfw%2Fipfw2.c;h=85979f87c5bb2e822bc6039c364fee89a98f526c;hb=7f9fafbbf8a2c3d7a4b9aab56d63d9ee6f4bed82;hp=571ff39950b8afccbb624aace757b3dd6fc8f442;hpb=5ad9fec40da13c449d50def12f9cea6e24b6a708;p=ipfw.git

diff --git a/ipfw/ipfw2.c b/ipfw/ipfw2.c
index 571ff39..85979f8 100644
--- a/ipfw/ipfw2.c
+++ b/ipfw/ipfw2.c
@@ -224,11 +224,14 @@ static struct _s_x rule_action_params[] = {
 	{ NULL, 0 }	/* terminator */
 };
 
-/* index of 'lookup ... ' keys in the kernel */
+/*                             
+ * The 'lookup' instruction accepts one of the following arguments.
+ * -1 is a terminator for the list.
+ * Arguments are passed as v[1] in O_DST_LOOKUP options.
+ */
 static int lookup_key[] = {
 	TOK_DSTIP, TOK_SRCIP, TOK_DSTPORT, TOK_SRCPORT,
-	TOK_UID, TOK_GID, TOK_JAIL,
-	TOK_PROTO, TOK_MACTYPE, 0, };
+	TOK_UID, TOK_JAIL, -1 };
 
 static struct _s_x rule_options[] = {
 	{ "tagged",		TOK_TAGGED },
@@ -365,8 +368,8 @@ do_cmd(int optname, void *optval, uintptr_t optlen)
 	if (s < 0)
 		err(EX_UNAVAILABLE, "socket");
 
-	if (optname == IP_FW_GET || optname == IP_FW_DYN_GET ||
-	    optname == IP_DUMMYNET_GET ||
+	if (optname == IP_FW_GET || optname == IP_DUMMYNET_GET ||
+	    optname == IP_FW_DYN_GET ||
 	    optname == IP_FW_ADD || optname == IP_FW_TABLE_LIST ||
 	    optname == IP_FW_TABLE_GETSIZE || 
 	    optname == IP_FW_NAT_GET_CONFIG || 
@@ -756,8 +759,8 @@ print_ip(ipfw_insn_ip *cmd, char const *s)
 
 		if (d < sizeof(lookup_key)/sizeof(lookup_key[0]))
 			arg = match_value(rule_options, lookup_key[d]);
-		printf("%s lookup %s %d,%d", cmd->o.len & F_NOT ? " not": "",
-			arg, cmd->o.arg1, a[0]);
+		printf("%s lookup %s %d", cmd->o.len & F_NOT ? " not": "",
+			arg, cmd->o.arg1);
 		return;
 	}
 	printf("%s%s ", cmd->o.len & F_NOT ? " not": "", s);
@@ -2777,7 +2780,7 @@ chkarg:
 		 * the routing code seems to use it too.
 		 */
 		p->sa.sin_family = AF_INET;
-		//p->sa.sin_len = sizeof(struct sockaddr_in);
+		p->sa.sin_len = sizeof(struct sockaddr_in);
 		p->sa.sin_port = 0;
 		/*
 		 * locate the address-port separator (':' or ',')
@@ -3518,26 +3521,21 @@ read_options:
 			int j;
 
 			if (ac < 2)
-				errx(EX_USAGE, "format: lookup argument tablenum[,arg]");
+				errx(EX_USAGE, "format: lookup argument tablenum");
 			cmd->opcode = O_IP_DST_LOOKUP;
 			cmd->len |= F_INSN_SIZE(ipfw_insn) + 2;
 			i = match_token(rule_options, *av);
-			for (j = 0; lookup_key[j] ; j++) {
+			for (j = 0; lookup_key[j] >= 0 ; j++) {
 				if (i == lookup_key[j])
 					break;
 			}
-			if (lookup_key[j] == 0)
+			if (lookup_key[j] <= 0)
 				errx(EX_USAGE, "format: cannot lookup on %s", *av);
 			c->d[1] = j; // i converted to option
 			ac--; av++;
-			p = strchr(*av, ',');
-			if (p) {
-				*p++ = '\0';
-				c->d[0] = strtoul(p, NULL, 0);
-			} else {
-				c->d[0] = ~0;
-			}
-			cmd->arg1 = strtoul(*av, NULL, 0);
+			cmd->arg1 = strtoul(*av, &p, 0);
+			if (p && *p)
+				errx(EX_USAGE, "format: lookup argument tablenum");
 			ac--; av++;
 		    }
 			break;