Date: Tue, 19 Nov 2013 23:22:34 +0200 From: =?ISO-8859-1?Q?=D6zkan_KIRIK?= <ozkan.kirik@gmail.com> Cc: freebsd-ipfw <freebsd-ipfw@freebsd.org>, freebsd-stable <freebsd-stable@freebsd.org> Subject: Re: ipfw table add problem Message-ID: <CAAcX-AGzuwZaFQMRW6jYb4dtRDaP9EEsEideZoUVHyepsYKqaw@mail.gmail.com> In-Reply-To: <CAAcX-AHqxnx73%2BP_h0ooK8CNZCM0%2BOo-TckLNHexqnP8bytCpA@mail.gmail.com> References: <CAAcX-AGDZbFn5RmhLBBn2PPWRPcsFUnea5MgTc7nuXGD8Ge53A@mail.gmail.com> <CAPS9%2BSv9Um47wzOkfEsA_S7sb-FbQ=aZE2qb7EkFgnzEsrOc%2BQ@mail.gmail.com> <CAAcX-AHqxnx73%2BP_h0ooK8CNZCM0%2BOo-TckLNHexqnP8bytCpA@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
"ipfw table 1 add 4899" command works, on FreeBSD 8.2 and 8.4.
I am using port lookup tables on FreeBSD 8.4. For example : "ipfw add allow
all from any to any lookup src-port 1"
Lookup section from the MAN page of ipfw :
lookup {dst-ip | dst-port | src-ip | src-port | uid | jail} N
Search an entry in lookup table N that matches the field speci-
fied as argument. If not found, the match fails. Otherwise, the
match succeeds and tablearg is set to the value extracted from
the table.
On Tue, Nov 19, 2013 at 10:36 PM, =D6zkan KIRIK <ozkan.kirik@gmail.com> wro=
te:
> Hi,
>
>
>
> On Tue, Nov 19, 2013 at 10:22 PM, Andreas Nilsson <andrnils@gmail.com>wro=
te:
>
>>
>>
>>
>> On Tue, Nov 19, 2013 at 8:55 PM, =D6zkan KIRIK <ozkan.kirik@gmail.com>wr=
ote:
>>
>>> Hi,
>>>
>>> I'm using kernel FreeBSD 10.0-BETA3 #2 r257635 kernel.
>>> I am trying to add port number to ipfw tables. But there is something
>>> strange :
>>> Problem is easily repeatable.
>>>
>>> #ipfw table 1 flush
>>> #ipfw table 1 add 4899
>>> #ipfw table 1 list
>>> ::/0 0
>>>
>> Works with ipfw table 1 add 0 4899
>>
> No, i want to use this table as port list ( to use with "lookup src-port
> 1" ) . If you add like this, you cannot match against ports. Am I wrong?
>
>
>>
>>> #ipfw table 1 flush
>>> #ipfw table 1 add 10.2.3.01 ( not 10.0.0.1, the last 1 has 0 as
>>> prefix )
>>> #ipfw table 1 list
>>> ::/0 0
>>>
>> Did you mean ipfw table 1 add 10.2.3.0 1 ? That works for me.
>>
> Please dont leave spaces between 0 and 1.
>
>
>>
>>> #ipfw table 1 delete ::/0
>>> ipfw: setsockopt(IP_FW_TABLE_XDEL): No such process
>>>
>> However ipfw table 1 delete 0.0.0.0/0 does.
>>
> Thank you
>
>>
>>>
>>> I guess that, this problem is related to radix mask calculation
>>> problem/fix.
>>>
>>> Is there a quick solution for this.
>>> Best, regards,
>>
>>
>> Best regards
>> Andreas
>>
>
> Best regards,
> Ozkan.
>
>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAAcX-AGzuwZaFQMRW6jYb4dtRDaP9EEsEideZoUVHyepsYKqaw>