Page MenuHomeFreeBSD

rtsold: pass sending router address to other and managed script
ClosedPublic

Authored by franco_opnsense.org on Aug 12 2021, 8:48 AM.
Tags
None
Referenced Files
Unknown Object (File)
Sun, Nov 10, 12:45 AM
Unknown Object (File)
Fri, Oct 25, 10:44 AM
Unknown Object (File)
Oct 14 2024, 4:57 PM
Unknown Object (File)
Sep 23 2024, 4:10 AM
Unknown Object (File)
Sep 22 2024, 11:43 PM
Unknown Object (File)
Sep 22 2024, 9:18 PM
Unknown Object (File)
Sep 19 2024, 1:20 AM
Unknown Object (File)
Sep 17 2024, 3:28 PM

Details

Summary

Partially based on an old pfSense modification that never made it
to FreeBSD upstream.

See: https://github.com/fichtner/pfsense-tools/commit/2a78e6483

Test Plan

Running for many years on pfSense and OPNsense

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

usr.sbin/rtsold/rtsol.c
83

It looks like ntopbuf is not initialized at the points where rtsol_input() invokes the scripts.

usr.sbin/rtsold/rtsol.c
83

It's being set via line 289 inside warnmsg() unconditionally. Scripts are called in line 307 and 324. I don't mind making it more explicit if you think that would help.

usr.sbin/rtsold/rtsol.c
83

Sorry, I see. Yes, I think making it a separate statement would be preferable. For good measure, I would make sure that ntopbuf is zeroed at the beginning of the function.

now avoids raw access to ntopbuf from scripts call

usr.sbin/rtsold/rtsol.c
83

Created access through new variable via inet_ntop() call which mimics the other invokes. I am not sure initializing ntopbuf does anything since only inet_ntop() and snprintf() are being used to write and check for success. If an error occurred any one of those invokes that could taint the data for the next use anyway.

I think this is ok. Is there any reason not to supply the sender's addr to the other script types, if only for consistency?

usr.sbin/rtsold/rtsol.c
83

I was mostly concerned about the possibility of someone in the future shuffling things around such that ntopbuf is left uninitialized, but your approach is better.

This revision is now accepted and ready to land.Aug 13 2021, 2:06 PM

The only other script is the DNS script and it looks like -u already does append the sender address to that script's data.

I am not a FreeBSD committer... how will the two rtsold patches move into the tree? Thanks for your help.

The only other script is the DNS script and it looks like -u already does append the sender address to that script's data.

I see, sorry again for the misapprehension.

I am not a FreeBSD committer... how will the two rtsold patches move into the tree? Thanks for your help.

I will commit them this weekend if that works for you.