Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[17.1.5] floating rule with a dest port range with a start value but no end value is valid #1611

Closed
sjorge opened this issue May 4, 2017 · 1 comment
Closed

[17.1.5] floating rule with a dest port range with a start value but no end value is valid #1611

sjorge opened this issue May 4, 2017 · 1 comment
Assignees
@AdSchellevis
Labels
bug Production bug
Milestone
17.7

Comments

@sjorge
Copy link
Contributor

sjorge commented May 4, 2017

You can create a floating rule with a destination range starting at X and with no value in the end.
This results in 'any' port.

I was trying to something like this:
source $localnets
source_port *
dest *
dest_port 32400 - 32415

But accidently created
source $localnets
source_port *
dest *
dest_port 32400 -

Which resulted in this rule being added:
pass in quick on { vtnet1 vtnet3 vtnet2 } inet proto tcp from $localnets to any flags S/SA label "USER_RULE: "
@sjorge
Copy link
Contributor Author

sjorge commented May 5, 2017

Just tested the patch, looks good!

@fichtner fichtner added the bug Production bug label May 5, 2017
@fichtner fichtner added this to the 17.7 milestone May 5, 2017
fichtner pushed a commit that referenced this issue May 9, 2017
@AdSchellevis @fichtner
pconfig_to_address, don't save range when $endport is 0, closes #1611
bd03af9 
(cherry picked from commit 0280a87)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@AdSchellevis AdSchellevis

Labels
bug Production bug
Milestone
17.7
Development

No branches or pull requests
3 participants
@sjorge @fichtner @AdSchellevis