This is the documented behavior.
: With the TCP and UDP protocols, optional ports may be specified
: as:
:
: {port|port-port|port:mask}[,port[,...]]
:
: The `-' notation specifies a range of ports (including bound-
: aries).
:
: The `:' notation specifies a port and a mask, a match is declared
: if the port number in the packet matches the one in the rule,
: limited to the bits which are set in the mask.
:
: Service names (from /etc/services) may be used instead of numeric
: port values. A range may only be specified as the first value,
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
: and the length of the port list is limited to IP_FW_MAX_PORTS
: ports (as defined in /usr/src/sys/netinet/ip_fw.h).
On Thu, Aug 30, 2001 at 08:31:16PM -0400, David Hill wrote:
> The following ipfw commands produce an error.
>
> Could we make this work:
> ipfw add allow udp from any to any lowport,higherport1-higherport2
> Instead of
> ipfw add allow udp from any to any highport1-highport2,lowpot
>
> Could we make this work:
> ipfw add allow udp from any to any range1-range2, range3-range4
> Instead of having to do
> ipfw add allow udp from any to any range1-range2
> ipfw add allow udp from any to any range3-range4
>
> fog# uname -a
> FreeBSD fog.hill.hom 4.4-RC FreeBSD 4.4-RC #0: Thu Aug 30 15:02:13 EDT 2001
> david@fog:/usr/src/sys/compile/FOG i386
>
> Thanks
> David
--
Ruslan Ermilov Oracle Developer/DBA,
[EMAIL PROTECTED] Sunbay Software AG,
[EMAIL PROTECTED] FreeBSD committer,
+380.652.512.251 Simferopol, Ukraine
http://www.FreeBSD.org The Power To Serve
http://www.oracle.com Enabling The Information Age
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message