From chd@intercom.net.ua  Sun Mar 21 03:18:57 2004
Return-Path: <chd@intercom.net.ua>
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id C455816A4CE
	for <FreeBSD-gnats-submit@freebsd.org>; Sun, 21 Mar 2004 03:18:57 -0800 (PST)
Received: from stealth.ips.net.ua (stealth.intercom.net.ua [195.13.40.147])
	by mx1.FreeBSD.org (Postfix) with ESMTP id D031443D2D
	for <FreeBSD-gnats-submit@freebsd.org>; Sun, 21 Mar 2004 03:18:56 -0800 (PST)
	(envelope-from chd@intercom.net.ua)
Received: from joker.intercom.net.ua (office.intercom.net.ua [195.13.40.62])
	by stealth.ips.net.ua (8.12.8p2/8.12.8) with ESMTP id i2LBIsQF028143
	for <FreeBSD-gnats-submit@freebsd.org>; Sun, 21 Mar 2004 13:18:55 +0200 (EET)
	(envelope-from chd@intercom.net.ua)
Received: from joker.intercom.net.ua (chd@localhost [127.0.0.1])
	by joker.intercom.net.ua (8.12.8p2/8.12.8) with ESMTP id i2LBIq37017127
	for <FreeBSD-gnats-submit@freebsd.org>; Sun, 21 Mar 2004 13:18:52 +0200 (EET)
	(envelope-from chd@joker.intercom.net.ua)
Received: (from chd@localhost)
	by joker.intercom.net.ua (8.12.8p2/8.12.8/Submit) id i2LBIpZi017086;
	Sun, 21 Mar 2004 13:18:51 +0200 (EET)
	(envelope-from chd)
Message-Id: <200403211118.i2LBIpZi017086@joker.intercom.net.ua>
Date: Sun, 21 Mar 2004 13:18:51 +0200 (EET)
From: Dmitry Cherkasov <chd@qq.org.ua>
Reply-To: Dmitry Cherkasov <chd@qq.org.ua>
To: FreeBSD-gnats-submit@freebsd.org
Cc:
Subject: misfitting in two parts of man 8 ipfw about quantity of ports that may be specified in a rule
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         64534
>Category:       docs
>Synopsis:       misfitting in two parts of man 8 ipfw about quantity of ports that may be specified in a rule
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    maxim
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          doc-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sun Mar 21 03:20:12 PST 2004
>Closed-Date:    Mon Apr 05 12:34:26 PDT 2004
>Last-Modified:  Mon Apr 05 12:34:26 PDT 2004
>Originator:     Dmitry Cherkasov
>Release:        FreeBSD 5.2-RELEASE i386
>Organization:
ISP Intercom
>Environment:
FreeBSD eyes.intercom.net.ua 5.2-RELEASE FreeBSD 5.2-RELEASE #2: Sun Jan 25 19:59:30 EET 2004     rain@eyes.intercom.net.ua:/usr/obj/usr/src/sys/EYES  i386

	
>Description:
	

	There is a misfitting in two parts of man 8 ipfw about 
	quantity of ports that may be specified in a rule. 
	In the Section RULE BODY in the description of 'ports' 
	pattern it is said:

	"The length of the port list is limited to 30 ports or ranges, ..."

	while later in the Section IPFW2 ENHANCEMENTS, subsection "Port 
	specifications" it is mentioned a different length of the port 
	list:

	"ipfw1 ... is limited to 10 entries instead of the 15 allowed 
	by ipfw2."


>How-To-Repeat:
	man ipfw | grep "is limited to"
>Fix:
	
	

	Probably "15" should be changed to "30" in the second cite.


>Release-Note:
>Audit-Trail:

From: Marc Silver <marcs@draenor.org>
To: freebsd-gnats-submit@FreeBSD.org, chd@qq.org.ua
Cc:  
Subject: Re: docs/64534: misfitting in two parts of man 8 ipfw about quantity
 of ports that may be specified in a rule
Date: Tue, 23 Mar 2004 16:14:00 +0200

 This is a multi-part message in MIME format.
 --------------030705040504080004000602
 Content-Type: text/plain; charset=us-ascii; format=flowed
 Content-Transfer-Encoding: 7bit
 
 Hey there,
 
 I've confirmed that this is indeed correct.  IPFW2 is limited to 30 
 ports/ranges, and returns 'ipfw: getsockopt(IP_FW_ADD): Invalid 
 argument' when trying to use more than 30, while IPFW1 complains more 
 gracefully with 'ipfw: too many ports (max is 10)' when trying to use 
 more than 10.
 
 Here's a patch for ipfw.8 which hopefully corrects the problem.
 
 Cheers,
 Marc
 
 
 --------------030705040504080004000602
 Content-Type: text/plain;
  name="ipfw.8-patch"
 Content-Transfer-Encoding: 7bit
 Content-Disposition: inline;
  filename="ipfw.8-patch"
 
 --- ipfw.8-orig	Tue Mar 23 16:02:01 2004
 +++ ipfw.8	Tue Mar 23 16:07:46 2004
 @@ -831,8 +831,14 @@
  Service names (from
  .Pa /etc/services )
  may be used instead of numeric port values.
 -The length of the port list is limited to 30 ports or ranges,
 -though one can specify larger ranges by using an
 +The length of the port list is dependant on the version of
 +.Nm
 +being used;
 +.Nm ipfw1
 +is limited to 10 ports or ranges, while
 +.Nm ipfw2 
 +increases this limit to 30.
 +One can specify larger ranges by using an
  .Em or-block
  in the
  .Cm options
 @@ -1819,7 +1825,7 @@
  .It Port specifications
  .Nm ipfw1
  only allows one port range when specifying TCP and UDP ports, and
 -is limited to 10 entries instead of the 15 allowed by
 +is limited to 10 entries instead of the 30 allowed by
  .Nm ipfw2 .
  Also, in
  .Nm ipfw1
 
 --------------030705040504080004000602--
State-Changed-From-To: open->patched 
State-Changed-By: maxim 
State-Changed-When: Fri Mar 26 11:09:35 PST 2004 
State-Changed-Why:  
Fixed in -CURRENT, thanks. 


Responsible-Changed-From-To: freebsd-doc->maxim 
Responsible-Changed-By: maxim 
Responsible-Changed-When: Fri Mar 26 11:09:35 PST 2004 
Responsible-Changed-Why:  
MFC reminder. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=64534 
State-Changed-From-To: patched->closed 
State-Changed-By: maxim 
State-Changed-When: Mon Apr 5 12:34:04 PDT 2004 
State-Changed-Why:  
Fixed in -STABLE as well. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=64534 
>Unformatted:
