7101 – /sbin/ipfw unexpected variant treatment of port number expansion

Bug 7101 - /sbin/ipfw unexpected variant treatment of port number expansion

Summary: /sbin/ipfw unexpected variant treatment of port number expansion

Status:	Closed FIXED

Alias:	None

Product:	Base System
Classification:	Unclassified
Component:	bin (show other bugs)
Version:	2.2.6-RELEASE
Hardware:	Any Any

Importance:	Normal Affects Only Me
Assignee:	ru

URL:
Keywords:

Depends on:
Blocks:

Reported:	1998-06-28 20:30 UTC by jhs
Modified:	1999-06-11 11:00 UTC (History)
CC List:	1 user (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description jhs freebsd_committer

1998-06-28 20:30:01 UTC

/sbin/ipfw on 2.2.6: variant treatment of port number:
failed expansion of '-' if uucp-path is first param, otherwise not
expanded & doesn't fail.

Fix: 

Sorry, no C code patch, but I notice Julian Elsicher announced intention
to go do other ectension work to ipfw soon, so he may care to look at this.
(PS on that score , a syntax extension to support
	via interface_a,interface_b
would be nice if you can be bothered to do it Julian E.

My temporary work around is to do:
  $fwcmd add pass     tcp from ${js_muc} uucp                       to ${uucp_muc} out via ${muc_if}
  $fwcmd add pass log tcp from ${js_muc} uucp,uucp-path,uucp-rlogin to ${uucp_muc} out via ${muc_if}

Although I had originally wanted
  $fwcmd add pass     tcp from ${js_muc} uucp                       to ${uucp_muc} out via ${muc_if}
  $fwcmd add pass log tcp from ${js_muc}      uucp-path,uucp-rlogin to ${uucp_muc} out via ${muc_if}


Julian
Julian H. Stacey	jhs@freebsd.org
How-To-Repeat: 
/sbin/ipfw add pass log tcp from 193.174.4.84 uucp-path,uucp-rlogin to 193.174.4.10 out via isppp0
	fails with
ipfw: unknown port ``path''

/sbin/ipfw add pass log tcp from 193.174.4.84 uucp,uucp-path,uucp-rlogin to 193.174.4.10 out via isppp0
	works

Comment 1 rotel 1998-06-29 15:50:25 UTC

On Jun 28,  9:16pm, jhs@FreeBSD.ORG wrote:
} Subject: bin/7101: /sbin/ipfw unexpected variant treatment of port number 
> 
> /sbin/ipfw on 2.2.6: variant treatment of port number:
> failed expansion of '-' if uucp-path is first param, otherwise not
> expanded & doesn't fail.
> 
> /sbin/ipfw add pass log tcp from 193.174.4.84 uucp-path,uucp-rlogin to 193.174.4.10 out via isppp0
> 	fails with
> ipfw: unknown port ``path''
> 
> /sbin/ipfw add pass log tcp from 193.174.4.84 uucp,uucp-path,uucp-rlogin to 193.174.4.10 out via isppp0
> 	works
> 

How about introducing an escape character so you would use uucp\-path,
or how about disallowing ranges which use service names (i.e. only
accept port numbers)  I prefer the latter.


Niall


-- 
Niall Smart.        PGP: finger njs3@motmot.doc.ic.ac.uk
FreeBSD: Turning PC's into Workstations: www.freebsd.org

Comment 2 Poul-Henning Kamp freebsd_committer

1998-07-02 06:44:17 UTC

State Changed
From-To: open->suspended

awaiting fix & committer

Comment 3 ru freebsd_committer

1999-06-05 04:17:53 UTC

Responsible Changed
From-To: freebsd-bugs->ru

I'll fix it.

Comment 4 ru freebsd_committer

1999-06-11 10:45:18 UTC

State Changed
From-To: suspended->closed

Fixed in -current (ipfw.c rev.1.70) by introducing an escape character.