NetBSD Problem Report #51900

From www@NetBSD.org  Fri Jan 20 19:32:10 2017
Return-Path: <www@NetBSD.org>
Received: from mail.netbsd.org (mail.netbsd.org [199.233.217.200])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(Client CN "mail.netbsd.org", Issuer "Postmaster NetBSD.org" (verified OK))
	by mollari.NetBSD.org (Postfix) with ESMTPS id 3F26D7A16E
	for <gnats-bugs@gnats.NetBSD.org>; Fri, 20 Jan 2017 19:32:10 +0000 (UTC)
Message-Id: <20170120193209.5D5E47A2AE@mollari.NetBSD.org>
Date: Fri, 20 Jan 2017 19:32:09 +0000 (UTC)
From: rhunter@riseup.net
Reply-To: rhunter@riseup.net
To: gnats-bugs@NetBSD.org
Subject: npfctl doesn't recognize x.x.x.x/32 as a valid address/mask
X-Send-Pr-Version: www-1.0

>Number:         51900
>Category:       bin
>Synopsis:       npfctl doesn't recognize x.x.x.x/32 as a valid address/mask
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    bin-bug-people
>State:          closed
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Fri Jan 20 19:35:00 +0000 2017
>Closed-Date:    Sat Jan 19 21:46:33 +0000 2019
>Last-Modified:  Sat Jan 19 21:46:33 +0000 2019
>Originator:     Rob Hunter
>Release:        7.0.2
>Organization:
>Environment:
NetBSD bard.localdomain 7.0.2 NetBSD 7.0.2 (GENERIC.201610210724Z) amd64
>Description:
npfctl errors when adding a single IP address with a /32 mask to a table.

I wrote a script that takes the existing entries of a table with "npfctl table <table> list", compares it with new entries, then combines the 2 into a new table.  "npfctl table <table> list" returns single IP addresses with the /32 mask on it so I had to strip the /32 off of it before re-adding it to the table.

I think it makes sense to have npfctl recognize /32 as valid so what comes out can also go back in.
>How-To-Repeat:
# npfctl table goodguys add 1.2.3.4
npfctl: success
# npfctl table goodguys list
1.2.3.4/32
# npfctl table goodguys list | xargs npfctl table goodguys rem
npfctl: invalid address, mask or table ID
# 

>Fix:

>Release-Note:

>Audit-Trail:
From: "David H. Gutteridge" <david@gutteridge.ca>
To: gnats-bugs@netbsd.org
Cc: 
Subject: Re: bin/51900 (npfctl doesn't recognize x.x.x.x/32 as a valid
 address/mask)
Date: Mon, 07 Jan 2019 20:14:36 -0500

 Hello,

 You don't state which table type you used in your example, but I
 infer it must not be the tree type. That's the only type that will
 accept masks. The npfctl(8) man page does note this limitation where
 table entries are discussed.

 Having said that, I agree with you it's counterintuitive for a tool
 to output a value which it then cannot ingest in the same form. I do
 see an additional man page where this could be explicitly mentioned,
 so I'll address that now.

 Dave


From: "David H. Gutteridge" <gutteridge@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc: 
Subject: PR/51900 CVS commit: src/usr.sbin/npf/npfctl
Date: Tue, 8 Jan 2019 01:19:16 +0000

 Module Name:	src
 Committed By:	gutteridge
 Date:		Tue Jan  8 01:19:16 UTC 2019

 Modified Files:
 	src/usr.sbin/npf/npfctl: npf.conf.5

 Log Message:
 npf.conf(5): add a minor clarification about table types that can't
 accept masks on IP addresses. Prompted by Rob Hunter in PR bin/51900.


 To generate a diff of this commit:
 cvs rdiff -u -r1.79 -r1.80 src/usr.sbin/npf/npfctl/npf.conf.5

 Please note that diffs are not public domain; they are subject to the
 copyright notices on the relevant files.

State-Changed-From-To: open->closed
State-Changed-By: rmind@NetBSD.org
State-Changed-When: Sat, 19 Jan 2019 21:46:33 +0000
State-Changed-Why:
Fixed.


>Unformatted:
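
The workaround described in this PR (stripping the /32 from list output before feeding it back), as an added example that is not the submitter's script and not part of npfctl. The function names normalize_entries, merge_entries and sample_list are hypothetical and the sample addresses are constructed; only the IPv4 /32 form shown in the PR is stripped, and any other masked entry is reported rather than passed on, since per the reply above only tree tables accept masks.

```shell
#!/bin/sh
# Added example, not part of PR 51900 or of npfctl.

# normalize_entries: filter "npfctl table <tid> list" output (stdin, one entry
# per line) into a form a table type without mask support will take back.
#   a.b.c.d/32       -> a.b.c.d  (the host form shown in the PR)
#   bare address     -> unchanged
#   any other mask   -> dropped and reported on stderr
# Duplicates are removed, first occurrence wins.
normalize_entries() {
    awk '
        /^[ \t]*$/ { next }                           # skip blank lines
        { sub(/^[ \t]+/, ""); sub(/[ \t]+$/, "") }    # trim whitespace
        /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+\/32$/ { sub(/\/32$/, "") }
        /\// { print "skipped (mask not accepted): " $0 | "cat 1>&2"; next }
        !seen[$0]++ { print }
    '
}

# merge_entries CURRENT NEW: union of two entry files, normalised and sorted.
merge_entries() {
    cat "$1" "$2" | normalize_entries | sort -u
}

# Constructed sample standing in for "npfctl table goodguys list" output.
sample_list() {
    printf '%s\n' '1.2.3.4/32' '192.0.2.7/32' '198.51.100.0/24' '1.2.3.4'
}

# Intended use on a NetBSD host (not executed here):
#   npfctl table goodguys list | normalize_entries |
#       xargs -n 1 npfctl table goodguys rem
```
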
