Date: Tue, 2 Jan 2007 10:50:20 GMT From: Maxim Konovalov <maxim@macomnet.ru> To: freebsd-bugs@FreeBSD.org Subject: Re: bin/106382: parentesis bug in IPFW command Message-ID: <200701021050.l02AoKjd093404@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR bin/106382; it has been noted by GNATS.
From: Maxim Konovalov <maxim@macomnet.ru>
To: Joao Rocha Braga Filho <goffredo@gmail.com>
Cc: bug-followup@freebsd.org
Subject: Re: bin/106382: parentesis bug in IPFW command
Date: Tue, 2 Jan 2007 13:24:10 +0300 (MSK)
Hi,
[...]
> The man page says
>
> " Additionally, sets of alternative match patterns (or-blocks) can
> be constructed by putting the patterns in lists enclosed between
> parentheses ( ) or braces { }, and using the or operator as follows:
> ipfw add 100 allow ip from { x or not y or z } to any"
>
> but when I use
>
> root:goffredo[627] ipfw add 2 count tcp from any to '(' any 22 to any 23 ')'
> ipfw: missing ")"
>
> root:goffredo[628] ipfw add 2 count tcp from any to \( any 22 to any 23 \)
> ipfw: missing ")"
>
> root:goffredo[629] ipfw add 2 count tcp from any to '{' any 22 to any 23 '}'
> ipfw: missing ")"
>
> root:goffredo[630] ipfw add 2 count tcp from any to \{ any 22 to any 23 \}
> ipfw: missing ")"
What does
"from any to \{ any 22 to any 23 \}"
mean in plain English?
I think you need something like
ipfw -n add 2 count tcp from any to any 22,23
or
ipfw -n add 2 count tcp from any to \{ 2.2.2.2 or 1.1.1.1 \} 22,23
--
Maxim Konovalov
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200701021050.l02AoKjd093404>