Control: tags -1 confirmed patch upstream
On 2023-02-12, at 11:01:27 +0100, Romain Francoise wrote:
> On Sat, Feb 11, 2023 at 03:37:00PM +0000, Jeremy Sowden wrote:
> > My inclination is just to use awk to pick out the second field. For
> > example,
> >
> > $ ip -f inet6 addr show dev lo | awk '$1 == "inet6" { print $2 }'
> > ::1/128
>
> Yes.Here's a patch that fixes the parsing that gave rise to this report and a couple of other similar instances. I stopped at that point 'cause the remaining instances, which involve picking out broadcast addresses will still be brittle and complicated even with awk. > Although all this parsing of `ip' output is fraught with danger, > ideally Shorewall would use the JSON version (but that requires a > dependency on `jq' or similar)...
--- a/shorewall/Perl/lib.runtime
+++ b/shorewall/Perl/lib.runtime
@@ -697,7 +697,7 @@
#
find_interface_addresses() # $1 = interface
{
- $IP -f inet addr show $1 2> /dev/null | grep inet\ | sed 's/\s*inet //;s/\/.*//;s/ peer.*//'
+ $IP -f inet addr show $1 2> /dev/null | awk '$1 == "inet" { sub(/\/[[:digit:]]+$/, "", $2); print $2 }'
}
#
@@ -1131,7 +1131,7 @@
#
find_interface_addresses() # $1 = interface
{
- $IP -f inet6 addr show $1 2> /dev/null | grep 'inet6 2' | sed 's/\s*inet6 //;s/\/.*//;s/ peer [0-9a-f:]*//'
+ $IP -f inet6 addr show $1 2> /dev/null | awk '$1 == "inet6 && $2 ~ /^2/ { sub(/\/[[:digit:]]+$/, "", $2); print $2 }'
}
#
@@ -1140,7 +1140,7 @@
find_interface_full_addresses() # $1 = interface
{
- $IP -f inet6 addr show $1 2> /dev/null | grep 'inet6 ' | sed 's/\s*inet6 //;s/ scope.*//;s/ peer [0-9a-f:]*//'
+ $IP -f inet6 addr show $1 2> /dev/null | awk '$1 == "inet6" { print $2 }'
}
#
signature.asc
Description: PGP signature
