kern/177948: ipfw fails to parse port ranges (p1-p2) for udp

Jukka Ukkonen jau at
Thu Apr 18 08:30:01 UTC 2013

>Number:         177948
>Category:       kern
>Synopsis:       ipfw fails to parse port ranges (p1-p2) for udp
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          open
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Thu Apr 18 08:30:00 UTC 2013
>Originator:     Jukka Ukkonen
>Release:        9.1-STABLE
FreeBSD sleipnir 9.1-STABLE FreeBSD 9.1-STABLE #0 r249607M: Thu Apr 18 09:18:42 EEST 2013     root at sleipnir:/usr/obj/usr/src/sys/Sleipnir  amd64

ipfw does not understand port ranges on lines like this...

add 03011 deny log udp from any to any 1024-65535 in recv em1

Instead of treating the numbers and the dash between them as a port range
it complains about "-65535".

The error has been occurring only when the protocol has been UDP.
When the protocol is TCP ipfw properly handles the port range as expected.
Notice that SCTP has not been tested.

Try adding a configuration line like the one shown in "full description",
restart ipfw, and see it complain something like this...

Line 7368: unrecognised option [-1] -65535

No idea yet.


More information about the freebsd-bugs mailing list