[Bug 226688] [ipfw] rejects adding 255.255.255.255 to a table
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Sun Mar 18 03:00:52 UTC 2018
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=226688
--- Comment #4 from Rodney W. Grimes <rgrimes at FreeBSD.org> ---
255.255.255.255 is a special broadcast IP addresses used to broadcast on "this
network". That is not applicable in this case though.
BUT 255.255.255.255 should be a perfectly valid table entry for the reasons the
submitter stated. If for some odd reason someone got this IP on the wire you
would want ipfw to filter it out.
As a workaround you could use 255.255.255.254/31, this is pretty safe as:
240.0.0.0/4 is "reserved". Which you could also use to block this, and
if your trying to block bad addresses you should block 240/4 anyway.
I am not sure how much effort it is worth trying to fix this.
And now that I see:
${fwcmd} table ${BAD_ADDR_TBL} add 240.0.0.0/4
is already in /etc/rc.firewall
which would include 255.255.255.255
this bug could be closed as "to hard to fix"
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-ipfw
mailing list