From owner-freebsd-questions Tue Oct 5 15: 9:26 1999 Delivered-To: freebsd-questions@freebsd.org Received: from mail.rdc2.on.home.com (ha1.rdc2.on.home.com [24.9.0.15]) by hub.freebsd.org (Postfix) with ESMTP id EF45A1566E for ; Tue, 5 Oct 1999 15:07:39 -0700 (PDT) (envelope-from street@iname.com) Received: from mired.eh.local ([24.64.136.188]) by mail.rdc2.on.home.com (InterMail v4.01.01.07 201-229-111-110) with ESMTP id <19991005220738.IJTA5795.mail.rdc2.on.home.com@mired.eh.local>; Tue, 5 Oct 1999 15:07:38 -0700 Received: (from kws@localhost) by mired.eh.local (8.9.3/8.9.3) id SAA40666; Tue, 5 Oct 1999 18:07:37 -0400 (EDT) (envelope-from kws) To: Jenkins.Mike@epamail.epa.gov Cc: dnelson@emsphone.com, ru@ucb.crimea.ua, questions@FreeBSD.ORG Subject: Re: ipfw and ports > 1023? References: <85256801.006877BD.00@EPAHUB2.RTP.EPA.GOV> From: Kevin Street Date: 05 Oct 1999 18:07:37 -0400 In-Reply-To: Jenkins.Mike@epamail.epa.gov's message of "Tue, 05 Oct 1999 14:06:10 -0500" Message-ID: <871zb91mxi.fsf@mired.eh.local> Lines: 25 X-Mailer: Gnus v5.6.45/XEmacs 21.1 - "20 Minutes to Nikko" Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Jenkins.Mike@epamail.epa.gov writes: > My second sentence in the original post hinted about this but ... > In the ipfw(8) manual page it says: > > "A range may only be specified as the first value, and the length > of the port list is limited to IP_FW_MAX_PORTS (as defined > in /usr/src/sys/netinet/ip_fw.h) ports." > > IP_FW_MAX_PORTS is 10 so the maximum number of ports listed is 10. > So 20-29 would be ok (and so would 20-24,50,60,70,80,90) but 1024-65535 > is NOT ok and probably results in 1024-1033. Did you try it? It does not do this. 1024-65535 works. IP_FW_MAX_PORTS only affects the number of things you can specify on the ipfw command line, not the size of the range. >I think the intent is to allow a small number > of ports on a single rule rather than having multiple rules. Eg: right -- Kevin Street street@iname.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message