bin/50749: ipfw2 incorrectly parses ports and port ranges

Luigi Rizzo rizzo at icir.org
Sat Jun 28 09:30:21 PDT 2003


The following reply was made to PR bin/50749; it has been noted by GNATS.

From: Luigi Rizzo <rizzo at icir.org>
To: freebsd-gnats-submit at FreeBSD.org
Cc:  
Subject: Re: bin/50749: ipfw2 incorrectly parses ports and port ranges
Date: Sat, 28 Jun 2003 09:25:34 -0700

 as the ipfw manpage says, dashes in service names must be
 escaped by a backslash (which in the shell must be escaped by
 a backslash, so you have to write
 
 	ipfw add 1000 allow tcp from any to any ftp,ftp\\-data,ssh,www
 
 to make it work). So that part of the patch certainly does not
 apply. I agree that the parser should not silently drop the
 remaining of the string in case of an error.
 
 	cheers
 	luigi


More information about the freebsd-ipfw mailing list