Date: Fri, 31 Aug 2001 12:20:42 +0300
From: Ruslan Ermilov
To: David Hill
Cc: current@FreeBSD.ORG
Subject: Re: ipfw syntax - should this error?

This is the documented behavior.

:      With the TCP and UDP protocols, optional ports may be specified
:      as:
:
:           {port|port-port|port:mask}[,port[,...]]
:
:      The `-' notation specifies a range of ports (including boundaries).
:
:      The `:' notation specifies a port and a mask, a match is declared
:      if the port number in the packet matches the one in the rule,
:      limited to the bits which are set in the mask.
:
:      Service names (from /etc/services) may be used instead of numeric
:      port values.  A range may only be specified as the first value,
                     ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
:      and the length of the port list is limited to IP_FW_MAX_PORTS
:      ports (as defined in /usr/src/sys/netinet/ip_fw.h).

On Thu, Aug 30, 2001 at 08:31:16PM -0400, David Hill wrote:
> The following ipfw commands produce an error.
>
> Could we make this work:
> ipfw add allow udp from any to any lowport,higherport1-higherport2
> Instead of
> ipfw add allow udp from any to any highport1-highport2,lowpot
>
> Could we make this work:
> ipfw add allow udp from any to any range1-range2, range3-range4
> Instead of having to do
> ipfw add allow udp from any to any range1-range2
> ipfw add allow udp from any to any range3-range4
>
> fog# uname -a
> FreeBSD fog.hill.hom 4.4-RC FreeBSD 4.4-RC #0: Thu Aug 30 15:02:13 EDT 2001
> david@fog:/usr/src/sys/compile/FOG  i386
>
> Thanks
> David

-- 
Ruslan Ermilov		Oracle Developer/DBA,
ru@sunbay.com		Sunbay Software AG,
ru@FreeBSD.org		FreeBSD committer,
+380.652.512.251	Simferopol, Ukraine

http://www.FreeBSD.org	The Power To Serve
http://www.oracle.com	Enabling The Information Age
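
Added example, not part of the original message and not ipfw's own code: a Python sketch of the port-list grammar quoted from the manual page above, showing why a range in a later position is rejected and how such a list can be rewritten into lists that conform. Assumptions: numeric ports only (no /etc/services lookup), the limit standing in for IP_FW_MAX_PORTS is supplied by the caller and counted per comma-separated entry, and all function names are hypothetical.

```python
MAX_PORT = 65535

def _num(text):
    # Numeric values only; service-name lookup is left out of this sketch.
    if not text.isdigit() or int(text) > MAX_PORT:
        raise ValueError(f"bad port value {text!r}")
    return int(text)

def parse_ports(spec, max_ports):
    """Parse {port|port-port|port:mask}[,port[,...]] into (kind, a, b) tuples."""
    entries = []
    for index, item in enumerate(spec.split(",")):
        sep = "-" if "-" in item else ":" if ":" in item else ""
        if sep and index > 0:
            raise ValueError(f"{item!r}: range/mask allowed only as the first value")
        if sep:
            left, right = item.split(sep, 1)
            entries.append(("range" if sep == "-" else "mask", _num(left), _num(right)))
        else:
            entries.append(("port", _num(item), _num(item)))
    if len(entries) > max_ports:  # max_ports: assumed stand-in for IP_FW_MAX_PORTS
        raise ValueError(f"{len(entries)} entries exceed the limit of {max_ports}")
    return entries

def matches(entries, port):
    """True if a packet's port matches any entry of a parsed list."""
    for kind, a, b in entries:
        if kind == "mask":
            # Compare only the bits that are set in the mask (b).
            if (port & b) == (a & b):
                return True
        elif a <= port <= b:  # single port (a == b) or inclusive range
            return True
    return False

def to_conforming(spec):
    """Rewrite a list with ranges/masks in any position into conforming lists."""
    items = [i.strip() for i in spec.split(",")]
    special = [i for i in items if "-" in i or ":" in i]
    plain = [i for i in items if i not in special]
    if not special:
        return [",".join(plain)]
    # First range leads its list; every further range needs a rule of its own.
    return [",".join([special[0]] + plain)] + special[1:]
```

Each string returned by `to_conforming` is the port list for one separate `ipfw add` rule, which is the two-rule workaround described in the quoted question.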