Date: Mon, 24 Mar 2014 17:54:13 GMT From: "Vladislav V. Prodan" <admin@support.od.ua> To: freebsd-gnats-submit@FreeBSD.org Subject: misc/187904: ipfw (8) does not properly recognize the network in shorthand Message-ID: <201403241754.s2OHsDdL033163@cgiserv.freebsd.org> Resent-Message-ID: <201403241800.s2OI02O5044926@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 187904 >Category: misc >Synopsis: ipfw (8) does not properly recognize the network in shorthand >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Mon Mar 24 18:00:01 UTC 2014 >Closed-Date: >Last-Modified: >Originator: Vladislav V. Prodan >Release: FreeBSD 10.0 >Organization: support.od.ua >Environment: FreeBSD bimbo.YYY 10.0-STABLE FreeBSD 10.0-STABLE #0: Sun Mar 23 08:14:35 EET 2014 root@bimbo.YYY:/usr/obj/usr/src/sys/bimbo.3 amd64 >Description: When network is added to the table ipfw in shortened form, network ::/0 appears By the context of the rules ipfw - drop or reset, network ::/0 can block access to the target machine. In the system 9.0 such behavior was not observed. For example, the network 177.204/14 #whois -L 177.204/14 .. inetnum: 177.204/14 aut-num: AS18881 abuse-c: GOI owner: Global Village Telecom .. >How-To-Repeat: #ipfw table 100 list #ipfw table 100 add 177.204/14 #ipfw table 100 list ::/0 0 >Fix: >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201403241754.s2OHsDdL033163>