[Bug 278039] ipfw: can't add the address ::/128 to a table
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Mon, 01 Apr 2024 06:47:40 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=278039 --- Comment #2 from Joshua Kinard <freebsd@kumba.dev> --- Looking at it a bit more, I think this is related to Bug #226688, where you can't add IPv4 255.255.255.255 to a table, either: > # ipfw set 2 table test1 create > # ipfw set 2 table test1 add 255.255.255.255 > error: 255.255.255.255/32 0 > ipfw: Adding record failed: Invalid argument On a whim, I tried adding the IPv6 equivalent, and that also fails: > # ipfw set 2 table test1 add ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff > error: ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff/128 0 > ipfw: Adding record failed: Invalid argument But you can add, numerically, the address directly below that: > # ipfw set 2 table test1 add ffff:ffff:ffff:ffff:ffff:ffff:ffff:fffe > added: ffff:ffff:ffff:ffff:ffff:ffff:ffff:fffe/128 0 Going back to IPv4, the same applies for 0.0.0.0/32: > # ipfw set 2 table test1 add 0.0.0.0 > error: 0.0.0.0/32 0 > ipfw: Adding record failed: Invalid argument But like Lexi highlights, change the CIDR, and it accepts it: > # ipfw set 2 table test1 add 0.0.0.0/31 > added: 0.0.0.0/31 0 The last item is functionally the same as adding 0.0.0.1, or in the IPv6 case, ::1. So it feels like there is a range check somewhere that's doing "x > 0" and/or "x < MAX", when it should be using >= or <=, cause functionally, ::/0.0.0.0 and 255.255.255.255/ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff are just fancy ways of representing 0 and 2^32-1/2^128-1. -- You are receiving this mail because: You are the assignee for the bug.