From: Ian Lepore
To: Özkan KIRIK
Cc: freebsd-ipfw, freebsd-stable, Luigi Rizzo, Andreas Nilsson
Subject: Re: ipfw table add problem
Date: Thu, 21 Nov 2013 07:50:42 -0700
Message-ID: <1385045442.31172.549.camel@revolution.hippie.lan>

On Tue, 2013-11-19 at 23:26 +0200, Özkan KIRIK wrote:
> On Tue, Nov 19, 2013 at 11:21 PM, Andreas Nilsson wrote:
>
> > On Tue, Nov 19, 2013 at 9:36 PM, Özkan KIRIK wrote:
> >
> >> Hi,
> >>
> >> On Tue, Nov 19, 2013 at 10:22 PM, Andreas Nilsson wrote:
> >>
> >>> On Tue, Nov 19, 2013 at 8:55 PM, Özkan KIRIK wrote:
> >>>
> >>>> Hi,
> >>>>
> >>>> I'm using kernel FreeBSD 10.0-BETA3 #2 r257635 kernel.
> >>>> I am trying to add port number to ipfw tables. But there is something
> >>>> strange :
> >>>> Problem is easily repeatable.
> >>>>
> >>>> #ipfw table 1 flush
> >>>> #ipfw table 1 add 4899
> >>>> #ipfw table 1 list
> >>>> ::/0 0
> >>>>
> >>> Works with ipfw table 1 add 0 4899
> >>>
> >> No, I want to use this table as port list ( to use with "lookup src-port
> >> 1" ) . If you add like this, you cannot match against ports. Am I wrong?
> >>
> > No, that should be possible.
> >
> >>>> #ipfw table 1 flush
> >>>> #ipfw table 1 add 10.2.3.01 ( not 10.0.0.1, the last 1 has 0 as
> >>>> prefix )
> >>>> #ipfw table 1 list
> >>>> ::/0 0
> >>>>
> >>> Did you mean ipfw table 1 add 10.2.3.0 1 ? That works for me.
> >>>
> >> Please don't leave spaces between 0 and 1.
> >>
> > Ok. any specific reason to type it as 10.2.3.01 instead of 10.2.3.1 ?
> >
> There is no specific reason, but both 10.2.3.01 and 10.2.3.1 have true
> syntax.
> The problem is, ipfw doesn't throw any errors, but record added as
> 0.0.0.0/0( all the IPv4 network ). This behaviour is really dangerous.
>
> FreeBSD 8.2 and 8.4 don't have this problem.

For this, I wonder if ipfw was recently changed from using inet_aton() to
inet_pton() to parse addresses?
Our implementation of inet_pton() does not match the manpage -- it's
supposed to accept decimal, octal, or hex numbers for each of the dotted
IP components, but it accepts decimal only. 10.2.3.01 appears to cause it
to return 0 as the address. Our inet_aton() handles oct/dec/hex.

-- Ian
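
The parsing difference described in the message above, as an added example (not part of the thread and not ipfw source code). It runs the thread's input strings through inet_pton() and inet_aton() and shows how a zeroed address survives when the inet_pton() result is not checked. The helper names are hypothetical, and the unchecked pattern is an assumed illustration of how a rejected string can turn into 0.0.0.0, not a statement about what ipfw does internally.

```c
/* Added example, not ipfw source; all helper names are hypothetical. */
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE 1   /* exposes inet_aton() on glibc */
#endif
#include <arpa/inet.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Unchecked (assumed failure pattern): a rejected string leaves the
 * zeroed buffer untouched, so the caller silently gets 0.0.0.0. */
static uint32_t parse_unchecked(const char *s)
{
    struct in_addr a;
    memset(&a, 0, sizeof(a));
    (void)inet_pton(AF_INET, s, &a);    /* result ignored on purpose */
    return ntohl(a.s_addr);
}

/* Checked: 0 on success, -1 when inet_pton() rejects the string. */
static int parse_checked(const char *s, uint32_t *out)
{
    struct in_addr a;
    if (inet_pton(AF_INET, s, &a) != 1)
        return -1;
    *out = ntohl(a.s_addr);
    return 0;
}

/* inet_aton(): components may be decimal, octal (0...) or hex (0x...). */
static int parse_aton(const char *s, uint32_t *out)
{
    struct in_addr a;
    if (inet_aton(s, &a) == 0)
        return -1;
    *out = ntohl(a.s_addr);
    return 0;
}

int main(void)
{
    const char *in[] = { "10.2.3.1", "10.2.3.01", "4899" }; /* strings from the thread */
    for (size_t i = 0; i < sizeof(in) / sizeof(in[0]); i++) {
        uint32_t p = 0, t = 0;
        int rp = parse_checked(in[i], &p), rt = parse_aton(in[i], &t);
        printf("%-10s pton=%d 0x%08x  aton=%d 0x%08x  unchecked=0x%08x\n", in[i],
               rp, (unsigned)p, rt, (unsigned)t, (unsigned)parse_unchecked(in[i]));
    }
    return 0;
}
```

A parser that treats the inet_pton() return value as authoritative rejects "10.2.3.01" and "4899" with an error instead of handing a zero address to whatever builds the table entry.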