kern/121807: Suggestion: TCP and UDP port_table in ipfw

Joao Rocha Braga Filho goffredo at gmail.com
Mon Mar 17 20:20:01 UTC 2008


>Number:         121807
>Category:       kern
>Synopsis:       Suggestion: TCP and UDP port_table in ipfw
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Mon Mar 17 20:20:01 UTC 2008
>Closed-Date:
>Last-Modified:
>Originator:     Joao Rocha Braga Filho
>Release:        6.2, 6.3 and 7.0
>Organization:
Paraty.com
>Environment:
>Description:
Why doesn't a TCP/UDP port_table exist for IPFW? It can solve the 30-item limit in an ipfw rule. It is good to use in QoS.

Example

ipfw add allow { tcp or udp } from any port_table(10) to any

ipfw port_table 10 add 20,21,25,110,443,993,995,1025-65535

# Deny bad ports
ipfw add deny { tcp or udp } from any to any port_table(11)

ipfw port_table 11 add 135,137-139,445

ipfw add queue 100 udp from any port_table(20) to any
ipfw port_table 20 add 123,53


>How-To-Repeat:

>Fix:


>Release-Note:
>Audit-Trail:
>Unformatted:
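
Added example, not part of the original report and not ipfw code: a userland sketch of how a port table like the proposed port_table could be stored as a 65536-bit bitmap and filled from a list such as the ones in the report. The names port_table, pt_add_spec and pt_match are hypothetical.

```c
#include <stdint.h>
#include <stdlib.h>

/* Hypothetical port table: one bit per TCP/UDP port (8 KB per table). */
struct port_table { uint8_t bits[65536 / 8]; };

/* Constant-time membership test, independent of how many ports are listed. */
int pt_match(const struct port_table *t, uint16_t port)
{
    return (t->bits[port >> 3] >> (port & 7)) & 1;
}

/* Parse one decimal port in 0..65535 and advance *s; returns -1 on error. */
static long pt_parse_port(const char **s)
{
    char *end;
    if (**s < '0' || **s > '9') return -1;
    unsigned long v = strtoul(*s, &end, 10);
    if (v > 65535) return -1;
    *s = end;
    return (long)v;
}

/* Add a spec such as "135,137-139,445". Returns 0 on success, or -1 on a
 * malformed spec, in which case the table is left unchanged. */
int pt_add_spec(struct port_table *t, const char *spec)
{
    struct port_table tmp = *t;          /* work on a copy */
    const char *s = spec;
    for (;;) {
        long lo = pt_parse_port(&s), hi = lo;
        if (lo < 0) return -1;
        if (*s == '-') { s++; hi = pt_parse_port(&s); }
        if (hi < lo) return -1;          /* bad upper bound or reversed range */
        for (long p = lo; p <= hi; p++)
            tmp.bits[p >> 3] |= (uint8_t)(1u << (p & 7));
        if (*s == '\0') break;
        if (*s++ != ',') return -1;
    }
    *t = tmp;                            /* commit only a fully valid spec */
    return 0;
}

int main(void)
{
    struct port_table t = {{0}};
    if (pt_add_spec(&t, "135,137-139,445") != 0) return 1;
    return pt_match(&t, 138) ? 0 : 1;
}
```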

