ipfw table add problem

[Özkan KIRIK]

On Tue, Nov 19, 2013 at 11:21 PM, Andreas Nilsson <andrnils at gmail.com>wrote:

>
>
>
> On Tue, Nov 19, 2013 at 9:36 PM, Özkan KIRIK <ozkan.kirik at gmail.com>wrote:
>
>> Hi,
>>
>>
>>
>> On Tue, Nov 19, 2013 at 10:22 PM, Andreas Nilsson <andrnils at gmail.com>wrote:
>>
>>>
>>>
>>>
>>> On Tue, Nov 19, 2013 at 8:55 PM, Özkan KIRIK <ozkan.kirik at gmail.com>wrote:
>>>
>>>> Hi,
>>>>
>>>> I'm using kernel FreeBSD 10.0-BETA3 #2 r257635 kernel.
>>>> I am trying to add port number to ipfw tables. But there is something
>>>> strange :
>>>> Problem is easily repeatable.
>>>>
>>>> #ipfw table 1 flush
>>>> #ipfw table 1 add 4899
>>>> #ipfw table 1 list
>>>> ::/0 0
>>>>
>>> Works with ipfw table 1 add 0 4899
>>>
>> No, i want to use this table as port list ( to use with "lookup src-port
>> 1" ) . If you add like this, you cannot match against ports. Am I wrong?
>>
> No, that should be possible.
>
>>
>>
>>>
>>>> #ipfw table 1 flush
>>>> #ipfw table 1 add 10.2.3.01       ( not 10.0.0.1,   the last 1 has 0 as
>>>> prefix )
>>>> #ipfw table 1 list
>>>> ::/0 0
>>>>
>>> Did you mean ipfw table 1 add 10.2.3.0 1 ? That works for me.
>>>
>> Please dont leave spaces between 0 and 1.
>>
> Ok. any specific reason to type it as 10.2.3.01 instead 0f 10.2.3.1 ?
>
There is no specific reason, but both 10.2.3.01 and 10.2.3.1 are has true
syntax.
The problem is, ipfw doesnt throw any errors, but record added as
0.0.0.0/0( all the IPv4 network ). This behaviour is really dangerous.

FreeBSD 8.2 and 8.4 doesnt have this problem.


>>
>>>
>>>> #ipfw table 1 delete ::/0
>>>> ipfw: setsockopt(IP_FW_TABLE_XDEL): No such process
>>>>
>>> However ipfw table 1 delete 0.0.0.0/0 does.
>>>
>> Thank you
>>
>>>
>>>>
>>>> I guess that, this problem is related to radix mask calculation
>>>> problem/fix.
>>>>
>>>> Is there a quick solution for this.
>>>> Best, regards,
>>>
>>>
>>> Best regards
>>> Andreas
>>>
>>
>> Best regards,
>> Ozkan.
>>
>>
>
> Best regards
> Andreas
>