From jhs@jhs.muc.de  Sun Jun 28 12:30:09 1998
Received: from colin.muc.de (root@colin.muc.de [193.174.4.1])
          by hub.freebsd.org (8.8.8/8.8.8) with SMTP id MAA29469;
          Sun, 28 Jun 1998 12:30:05 -0700 (PDT)
          (envelope-from jhs@jhs.muc.de)
Received: from jhs.muc.de ([193.174.4.84]) by colin.muc.de with SMTP id <140559-1>; Sun, 28 Jun 1998 21:23:31 +0200
Received: (from jhs@localhost)
	by jhs.muc.de (8.8.8/8.8.8) id VAA01634;
	Sun, 28 Jun 1998 21:16:33 +0200 (MET DST)
	(envelope-from jhs)
Message-Id: <199806281916.VAA01634@jhs.muc.de>
Date: Sun, 28 Jun 1998 21:16:33 +0200
From: jhs@FreeBSD.ORG
Reply-To: jhs@FreeBSD.ORG
To: FreeBSD-gnats-submit@freebsd.org
Cc: julian@freebsd.org
Subject: /sbin/ipfw unexpected variant treatment of port number expansion
X-Send-Pr-Version: 3.2

>Number:         7101
>Category:       bin
>Synopsis:       /sbin/ipfw unexpected variant treatment of port number expansion
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    ru
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sun Jun 28 12:30:01 PDT 1998
>Closed-Date:    Fri Jun 11 02:45:18 PDT 1999
>Last-Modified:  Fri Jun 11 03:00:29 PDT 1999
>Originator:     Julian Stacey
>Release:        FreeBSD 2.2.6-RELEASE i386
>Organization:
>Environment:


>Description:

/sbin/ipfw on 2.2.6: variant treatment of port number:
failed expansion of '-' if uucp-path is first param, otherwise not
expanded & doesn't fail.


>How-To-Repeat:

/sbin/ipfw add pass log tcp from 193.174.4.84 uucp-path,uucp-rlogin to 193.174.4.10 out via isppp0
	fails with
ipfw: unknown port ``path''

/sbin/ipfw add pass log tcp from 193.174.4.84 uucp,uucp-path,uucp-rlogin to 193.174.4.10 out via isppp0
	works


>Fix:
	
Sorry, no C code patch, but I notice Julian Elsicher announced intention
to go do other ectension work to ipfw soon, so he may care to look at this.
(PS on that score , a syntax extension to support
	via interface_a,interface_b
would be nice if you can be bothered to do it Julian E.

My temporary work around is to do:
  $fwcmd add pass     tcp from ${js_muc} uucp                       to ${uucp_muc} out via ${muc_if}
  $fwcmd add pass log tcp from ${js_muc} uucp,uucp-path,uucp-rlogin to ${uucp_muc} out via ${muc_if}

Although I had originally wanted
  $fwcmd add pass     tcp from ${js_muc} uucp                       to ${uucp_muc} out via ${muc_if}
  $fwcmd add pass log tcp from ${js_muc}      uucp-path,uucp-rlogin to ${uucp_muc} out via ${muc_if}


Julian
Julian H. Stacey	jhs@freebsd.org

>Release-Note:
>Audit-Trail:

From: Niall Smart <rotel@indigo.ie>
To: jhs@FreeBSD.ORG, FreeBSD-gnats-submit@FreeBSD.ORG
Cc: julian@FreeBSD.ORG, julian@whistle.com
Subject: Re: bin/7101: /sbin/ipfw unexpected variant treatment of port number expansion
Date: Mon, 29 Jun 1998 14:50:25 +0000

 On Jun 28,  9:16pm, jhs@FreeBSD.ORG wrote:
 } Subject: bin/7101: /sbin/ipfw unexpected variant treatment of port number 
 > 
 > /sbin/ipfw on 2.2.6: variant treatment of port number:
 > failed expansion of '-' if uucp-path is first param, otherwise not
 > expanded & doesn't fail.
 > 
 > /sbin/ipfw add pass log tcp from 193.174.4.84 uucp-path,uucp-rlogin to 193.174.4.10 out via isppp0
 > 	fails with
 > ipfw: unknown port ``path''
 > 
 > /sbin/ipfw add pass log tcp from 193.174.4.84 uucp,uucp-path,uucp-rlogin to 193.174.4.10 out via isppp0
 > 	works
 > 
 
 How about introducing an escape character so you would use uucp\-path,
 or how about disallowing ranges which use service names (i.e. only
 accept port numbers)  I prefer the latter.
 
 
 Niall
 
 
 -- 
 Niall Smart.        PGP: finger njs3@motmot.doc.ic.ac.uk
 FreeBSD: Turning PC's into Workstations: www.freebsd.org
State-Changed-From-To: open->suspended 
State-Changed-By: phk 
State-Changed-When: Wed Jul 1 22:44:17 PDT 1998 
State-Changed-Why:  
awaiting fix & committer 
Responsible-Changed-From-To: freebsd-bugs->ru 
Responsible-Changed-By: ru 
Responsible-Changed-When: Fri Jun 4 20:17:53 PDT 1999 
Responsible-Changed-Why:  
I'll fix it. 
State-Changed-From-To: suspended->closed 
State-Changed-By: ru 
State-Changed-When: Fri Jun 11 02:45:18 PDT 1999 
State-Changed-Why:  
Fixed in -current (ipfw.c rev.1.70) by introducing an escape character. 
>Unformatted:
