--- ipfw.c.orig Fri Jan 12 11:32:32 2001 +++ ipfw.c Tue Feb 20 21:09:00 2001 @@ -718,6 +718,44 @@ show_ipfw(r, pcwidth, bcwidth); } + /* + * show dynamic rules + */ + if (num * sizeof (rules[0]) != nbytes ) { + struct ipfw_dyn_rule *d = + (struct ipfw_dyn_rule *)&rules[num] ; + struct in_addr a ; + struct protoent *pe; + + printf("## Dynamic rules:\n"); + for (;; d++) { + printf("%05d %qu %qu (T %d, # %d) ty %d", + (int)(d->chain), + d->pcnt, d->bcnt, + d->expire, + d->bucket, + d->type); + pe = getprotobynumber(d->id.proto); + if (pe) + printf(" %s,", pe->p_name); + else + printf(" %u,", d->id.proto); + a.s_addr = htonl(d->id.src_ip); + printf(" %s", inet_ntoa(a)); + printf(" %d", d->id.src_port); + switch (d->type) { + default: /* bidir, no mask */ + printf(" <->"); + break ; + } + a.s_addr = htonl(d->id.dst_ip); + printf(" %s", inet_ntoa(a)); + printf(" %d", d->id.dst_port); + printf("\n"); + if (d->next == NULL) + break ; + } + } } else { /* display specific rules requested on command line */ int exitval = EX_OK; @@ -754,44 +792,6 @@ if (exitval != EX_OK) exit(exitval); } - /* - * show dynamic rules - */ - if (num * sizeof (rules[0]) != nbytes ) { - struct ipfw_dyn_rule *d = - (struct ipfw_dyn_rule *)&rules[num] ; - struct in_addr a ; - struct protoent *pe; - - printf("## Dynamic rules:\n"); - for (;; d++) { - printf("%05d %qu %qu (T %d, # %d) ty %d", - (int)(d->chain), - d->pcnt, d->bcnt, - d->expire, - d->bucket, - d->type); - pe = getprotobynumber(d->id.proto); - if (pe) - printf(" %s,", pe->p_name); - else - printf(" %u,", d->id.proto); - a.s_addr = htonl(d->id.src_ip); - printf(" %s", inet_ntoa(a)); - printf(" %d", d->id.src_port); - switch (d->type) { - default: /* bidir, no mask */ - printf(" <->"); - break ; - } - a.s_addr = htonl(d->id.dst_ip); - printf(" %s", inet_ntoa(a)); - printf(" %d", d->id.dst_port); - printf("\n"); - if (d->next == NULL) - break ; - } - } free(data); }