From c22eeeff1ef0884fd3c76f4ff2c72caa9de82fd5 Mon Sep 17 00:00:00 2001 From: Jo-Philipp Wich Date: Fri, 20 May 2022 12:34:54 +0200 Subject: [PATCH] fw4: support negative CIDR bit notation Add support for CIDR notation with a negative bit count to be compatible with firewall3. Signed-off-by: Jo-Philipp Wich --- root/usr/share/ucode/fw4.uc | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/root/usr/share/ucode/fw4.uc b/root/usr/share/ucode/fw4.uc index 7ea8bc3..cfef69c 100644 --- a/root/usr/share/ucode/fw4.uc +++ b/root/usr/share/ucode/fw4.uc @@ -131,14 +131,19 @@ const dscp_classes = { }; function to_mask(bits, v6) { - let m = []; + let m = [], n = false; - if (bits < 0 || bits > (v6 ? 128 : 32)) + if (bits < 0) { + n = true; + bits = -bits; + } + + if (bits > (v6 ? 128 : 32)) return null; for (let i = 0; i < (v6 ? 16 : 4); i++) { let b = (bits < 8) ? bits : 8; - m[i] = (0xff << (8 - b)) & 0xff; + m[i] = (n ? ~(0xff << (8 - b)) : (0xff << (8 - b))) & 0xff; bits -= b; } -- 2.30.2