Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 31 Aug 2001 12:20:42 +0300
From:      Ruslan Ermilov <ru@FreeBSD.ORG>
To:        David Hill <david@phobia.ms>
Cc:        current@FreeBSD.ORG
Subject:   Re: ipfw syntax - should this error?
Message-ID:  <20010831122042.C32037@sunbay.com>
In-Reply-To: <000901c131b4$3fbe6080$0201a8c0@hill.hom>; from david@phobia.ms on Thu, Aug 30, 2001 at 08:31:16PM -0400
References:  <000901c131b4$3fbe6080$0201a8c0@hill.hom>
next in thread | previous in thread | raw e-mail | index | archive | help 
This is the documented behavior.

:   With the TCP and UDP protocols, optional ports may be specified
:   as:
:
:         {port|port-port|port:mask}[,port[,...]]
:
:   The `-' notation specifies a range of ports (including bound-
:   aries).
:
:   The `:' notation specifies a port and a mask, a match is declared
:   if the port number in the packet matches the one in the rule,
:   limited to the bits which are set in the mask.
:
:   Service names (from /etc/services) may be used instead of numeric
:   port values.  A range may only be specified as the first value,
                  ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
:   and the length of the port list is limited to IP_FW_MAX_PORTS
:   ports (as defined in /usr/src/sys/netinet/ip_fw.h).

On Thu, Aug 30, 2001 at 08:31:16PM -0400, David Hill wrote:
> The following ipfw commands produce an error.
> 
> Could we make this work:
> ipfw add allow udp from any to any lowport,higherport1-higherport2
> Instead of
> ipfw add allow udp from any to any highport1-highport2,lowpot
> 
> Could we make this work:
>     ipfw add allow udp from any to any range1-range2, range3-range4
> Instead of having to do
>     ipfw add allow udp from any to any range1-range2
>     ipfw add allow udp from any to any range3-range4
> 
> fog# uname -a
> FreeBSD fog.hill.hom 4.4-RC FreeBSD 4.4-RC #0: Thu Aug 30 15:02:13 EDT 2001
> david@fog:/usr/src/sys/compile/FOG  i386
> 
> Thanks
> David

-- 
Ruslan Ermilov		Oracle Developer/DBA,
ru@sunbay.com		Sunbay Software AG,
ru@FreeBSD.org		FreeBSD committer,
+380.652.512.251	Simferopol, Ukraine

http://www.FreeBSD.org	The Power To Serve
http://www.oracle.com	Enabling The Information Age

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010831122042.C32037>