On Tue, 2013-11-19 at 23:26 +0200, Özkan KIRIK wrote: > On Tue, Nov 19, 2013 at 11:21 PM, Andreas Nilsson <[email protected]>wrote: > > > > > > > > > On Tue, Nov 19, 2013 at 9:36 PM, Özkan KIRIK <[email protected]>wrote: > > > >> Hi, > >> > >> > >> > >> On Tue, Nov 19, 2013 at 10:22 PM, Andreas Nilsson > >> <[email protected]>wrote: > >> > >>> > >>> > >>> > >>> On Tue, Nov 19, 2013 at 8:55 PM, Özkan KIRIK <[email protected]>wrote: > >>> > >>>> Hi, > >>>> > >>>> I'm using kernel FreeBSD 10.0-BETA3 #2 r257635 kernel. > >>>> I am trying to add port number to ipfw tables. But there is something > >>>> strange : > >>>> Problem is easily repeatable. > >>>> > >>>> #ipfw table 1 flush > >>>> #ipfw table 1 add 4899 > >>>> #ipfw table 1 list > >>>> ::/0 0 > >>>> > >>> Works with ipfw table 1 add 0 4899 > >>> > >> No, i want to use this table as port list ( to use with "lookup src-port > >> 1" ) . If you add like this, you cannot match against ports. Am I wrong? > >> > > No, that should be possible. > > > >> > >> > >>> > >>>> #ipfw table 1 flush > >>>> #ipfw table 1 add 10.2.3.01 ( not 10.0.0.1, the last 1 has 0 as > >>>> prefix ) > >>>> #ipfw table 1 list > >>>> ::/0 0 > >>>> > >>> Did you mean ipfw table 1 add 10.2.3.0 1 ? That works for me. > >>> > >> Please dont leave spaces between 0 and 1. > >> > > Ok. any specific reason to type it as 10.2.3.01 instead 0f 10.2.3.1 ? > > > There is no specific reason, but both 10.2.3.01 and 10.2.3.1 are has true > syntax. > The problem is, ipfw doesnt throw any errors, but record added as > 0.0.0.0/0( all the IPv4 network ). This behaviour is really dangerous. > > FreeBSD 8.2 and 8.4 doesnt have this problem.
For this, I wonder if ipfw was recently changed from using inet_aton() to inet_pton() to parse addresses? Our implementation of inet_pton() does not match the manpage -- it's supposed to accept decimal, octal, or hex numbers for each of the dotted IP comonents, but it accepts decimal only. 10.2.3.01 appears to cause it to return 0 as the address. Our inet_aton() handles oct/dec/hex. -- Ian _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw To unsubscribe, send any mail to "[email protected]"
