From nobody Mon Apr 01 06:47:40 2024 X-Original-To: ipfw@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4V7M5S6S66z5Fl2j for ; Mon, 1 Apr 2024 06:47:40 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4V7M5S4mkQz4fNW for ; Mon, 1 Apr 2024 06:47:40 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1711954060; a=rsa-sha256; cv=none; b=MEVqchSrL6iJpmjKX8TvGe8urm0F/MP12usNgtS7ieIMmwOOZLdmJSDA6rvT1ptMWxztSA 1gAUwOdtjiqe5JSFKraQSsnXK1/c4SwXkDbo1bu1WGOtBeJk5oZ4IsIBRIRMHys9nOn7wZ 0qaaaCLwYSv4g/BswEK7WDOhvp5D4vZSWTmq7/OsM5L2p4gDIJBGe4Mz9IVN8Bfa1h2VO3 7Ay2fH50vWnvZlyYMWE0UpxXo+0He8ofUdSZOajINDmm6n7A7rPWm4OscCWi0vJj+HUWRP eDNYyvElg8ImOfoDRr56pAyTfmnFQC/Wohkgetxt8XtIF+EX/ZAS+e8YUKCLtQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1711954060; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=q5pBgzenMCk/dUmhfkhBQA3UNAdJk9hWCr4xwoakxYM=; b=gax5ppIN/3tzUYZkSMrWoLSJlp5ZMCQihnS9DJQ/HONq4trrEyBmiqEMC5xhzK2MNtP/Jc 0RgrCI/m8scHc1A+wzrEIaUeeOPpfN+EH2y7gBQkHufLFgfQ1X0KEo/Koub57uj/kIfz2/ rALRWzQIk3LbdY3S7foQhNkheE2e4ZI1QJLAfMPSrriX2fq1mrk1JzPxB4ua5nIr3JbLLv UEDMQnnYAcfEs9gpyw+SBGqqBEUf8MuqyrzEx9s7TvPLsSkQoPkA3DGfZERV/6atGTLDE+ TtiXK+IcOenCvwntzC3aNzsvPPd9B+Iz6yjcAYJLsejkE7Gdwh5H88vVs9kx6Q== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4V7M5S4NQdz1BCy for ; Mon, 1 Apr 2024 06:47:40 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 4316leXM020268 for ; Mon, 1 Apr 2024 06:47:40 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 4316leTP020261 for ipfw@FreeBSD.org; Mon, 1 Apr 2024 06:47:40 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: ipfw@FreeBSD.org Subject: [Bug 278039] ipfw: can't add the address ::/128 to a table Date: Mon, 01 Apr 2024 06:47:40 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 14.0-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: freebsd@kumba.dev X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: ipfw@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: IPFW Technical Discussions List-Archive: https://lists.freebsd.org/archives/freebsd-ipfw List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-ipfw@freebsd.org MIME-Version: 1.0 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D278039 --- Comment #2 from Joshua Kinard --- Looking at it a bit more, I think this is related to Bug #226688, where you can't add IPv4 255.255.255.255 to a table, either: > # ipfw set 2 table test1 create > # ipfw set 2 table test1 add 255.255.255.255 > error: 255.255.255.255/32 0 > ipfw: Adding record failed: Invalid argument On a whim, I tried adding the IPv6 equivalent, and that also fails: > # ipfw set 2 table test1 add ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff > error: ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff/128 0 > ipfw: Adding record failed: Invalid argument But you can add, numerically, the address directly below that: > # ipfw set 2 table test1 add ffff:ffff:ffff:ffff:ffff:ffff:ffff:fffe > added: ffff:ffff:ffff:ffff:ffff:ffff:ffff:fffe/128 0 Going back to IPv4, the same applies for 0.0.0.0/32: > # ipfw set 2 table test1 add 0.0.0.0 > error: 0.0.0.0/32 0 > ipfw: Adding record failed: Invalid argument But like Lexi highlights, change the CIDR, and it accepts it: > # ipfw set 2 table test1 add 0.0.0.0/31 > added: 0.0.0.0/31 0 The last item is functionally the same as adding 0.0.0.1, or in the IPv6 ca= se, ::1. So it feels like there is a range check somewhere that's doing "x > 0" and/= or "x < MAX", when it should be using >=3D or <=3D, cause functionally, ::/0.0= .0.0 and 255.255.255.255/ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff are just fancy ways= of representing 0 and 2^32-1/2^128-1. --=20 You are receiving this mail because: You are the assignee for the bug.=