#20380: firewall zone name length of 12 characters or more breaks all networking
--------------------------+-----------------------------------
Reporter: tim@… | Owner: developers
Type: defect | Status: new
Priority: high | Milestone:
Component: base system | Version: Barrier Breaker 14.07
Resolution: | Keywords:
--------------------------+-----------------------------------
Comment (by hnyman):
It seems to me that the limit set in firewall3 sources (zones.h) is
probably wrongly using XT_TABLE_MAXNAMELEN (=32) instead of
XT_EXTENSION_MAXNAMELEN (=29) as the basis when defining the limit as 14:
http://nbd.name/gitweb.cgi?p=firewall3.git;a=blob;f=zones.h;h=4205196268f75061280ac13da656ab4362245a06;hb=18a503d0125aebc3a8d62dad1c02e6bb1da92eb6#l25
{{{
/* 32 - sizeof("postrouting_") - sizeof("_rule") - sizeof("\0") */
#define FW3_ZONE_MAXNAMELEN 14
}}}
Reference to iptables:
http://git.netfilter.org/iptables/tree/iptables/iptables.c?id=482c6d3731e2681cb4baae835c294840300197e6#n381
XT_EXTENSION_MAXNAMELEN as 29:
http://lxr.free-
electrons.com/source/include/uapi/linux/netfilter/x_tables.h
Repeating the same calculation, but starting from 29 would lead to 11 as
the allowed max. length for a zone name.
--
Ticket URL: <https://dev.openwrt.org/ticket/20380#comment:1>
OpenWrt <http://openwrt.org>
Opensource Wireless Router Technology
_______________________________________________
openwrt-tickets mailing list
[email protected]
https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-tickets
