On Tue, Nov 19, 2013 at 11:21 PM, Andreas Nilsson <andrn...@gmail.com>wrote:
> > > > On Tue, Nov 19, 2013 at 9:36 PM, Özkan KIRIK <ozkan.ki...@gmail.com>wrote: > >> Hi, >> >> >> >> On Tue, Nov 19, 2013 at 10:22 PM, Andreas Nilsson <andrn...@gmail.com>wrote: >> >>> >>> >>> >>> On Tue, Nov 19, 2013 at 8:55 PM, Özkan KIRIK <ozkan.ki...@gmail.com>wrote: >>> >>>> Hi, >>>> >>>> I'm using kernel FreeBSD 10.0-BETA3 #2 r257635 kernel. >>>> I am trying to add port number to ipfw tables. But there is something >>>> strange : >>>> Problem is easily repeatable. >>>> >>>> #ipfw table 1 flush >>>> #ipfw table 1 add 4899 >>>> #ipfw table 1 list >>>> ::/0 0 >>>> >>> Works with ipfw table 1 add 0 4899 >>> >> No, i want to use this table as port list ( to use with "lookup src-port >> 1" ) . If you add like this, you cannot match against ports. Am I wrong? >> > No, that should be possible. > >> >> >>> >>>> #ipfw table 1 flush >>>> #ipfw table 1 add 10.2.3.01 ( not 10.0.0.1, the last 1 has 0 as >>>> prefix ) >>>> #ipfw table 1 list >>>> ::/0 0 >>>> >>> Did you mean ipfw table 1 add 10.2.3.0 1 ? That works for me. >>> >> Please dont leave spaces between 0 and 1. >> > Ok. any specific reason to type it as 10.2.3.01 instead 0f 10.2.3.1 ? > There is no specific reason, but both 10.2.3.01 and 10.2.3.1 are has true syntax. The problem is, ipfw doesnt throw any errors, but record added as 0.0.0.0/0( all the IPv4 network ). This behaviour is really dangerous. FreeBSD 8.2 and 8.4 doesnt have this problem. >> >>> >>>> #ipfw table 1 delete ::/0 >>>> ipfw: setsockopt(IP_FW_TABLE_XDEL): No such process >>>> >>> However ipfw table 1 delete 0.0.0.0/0 does. >>> >> Thank you >> >>> >>>> >>>> I guess that, this problem is related to radix mask calculation >>>> problem/fix. >>>> >>>> Is there a quick solution for this. >>>> Best, regards, >>> >>> >>> Best regards >>> Andreas >>> >> >> Best regards, >> Ozkan. >> >> > > Best regards > Andreas > _______________________________________________ freebsd-ipfw@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw To unsubscribe, send any mail to "freebsd-ipfw-unsubscr...@freebsd.org"
