Re: ipfw parsing bug
From: Petri Helenius (pete_at_he.iki.fi)
Date: 08/28/03
- Previous message: Maxim Konovalov: "Re: ipfw parsing bug"
- In reply to: Maxim Konovalov: "Re: ipfw parsing bug"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Thu, 28 Aug 2003 23:35:31 +0300 To: Maxim Konovalov <maxim@macomnet.ru>
Maxim Konovalov wrote:
>On Thu, 28 Aug 2003, 23:01+0300, Petri Helenius wrote:
>
>
>
>>ipfw seems to have developed a bug lately on 5-CURRENT;
>># ipfw add 2042 allow tcp from 0.0.0.0/0 to me
>>42
>>02042 allow tcp from me to me dst-port 42
>>
>>It used to work that 0.0.0.0/0 was "any" instead of "me". Last I checked
>>the notation is also widely used in networking gear for default route which
>>is a "catch any" definition.
>>
>>
>
>Known ipfw2 bug. Try this:
>
It works, please press the big red COMMIT button!
# ipfw add 2043 allow tcp from 0.0.0.0/0 to me dst-port 42
02043 allow tcp from any to me dst-port 42
Thanks,
Pete
>Index: ipfw2.c
>===================================================================
>RCS file: /home/ncvs/src/sbin/ipfw/ipfw2.c,v
>retrieving revision 1.38
>diff -u -r1.38 ipfw2.c
>--- ipfw2.c 21 Jul 2003 09:56:05 -0000 1.38
>+++ ipfw2.c 28 Jul 2003 15:51:26 -0000
>@@ -2046,7 +2046,7 @@
> errx(EX_DATAERR, "not any never matches");
> }
> /* else do nothing and skip this entry */
>- continue;
>+ return;
> }
> /* A single IP can be stored in an optimized format */
> if (d[1] == IP_MASK_ALL && av == NULL && len == 0) {
>%%%
>
>
>
_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"
- Previous message: Maxim Konovalov: "Re: ipfw parsing bug"
- In reply to: Maxim Konovalov: "Re: ipfw parsing bug"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
