[Firewall] 2.0.1d LAN_INET_HOST_OPEN_TCP issues

Lonnie Abelbeck lists at lonnie.abelbeck.com
Tue Apr 2 13:37:05 CEST 2013


Hi Daniel,

I agree with Arno, I tested: (AIF v2.0.1d)
--
LAN_INET_HOST_OPEN_TCP="
0/0>1.2.3.170-190~443
192.168.222.160-169>0/0~0:65535
192.168.222.10-35>0/0~20:1000"
--
and with "arno-iptables-firewall restart" I see:
--
 Setting up LAN->INET policy
  Allowing 0/0(LAN) to 1.2.3.170-190(INET) for TCP port(s): 443
  Allowing 192.168.222.160-169(LAN) to 0/0(INET) for TCP port(s): 0:65535
  Allowing 192.168.222.10-35(LAN) to 0/0(INET) for TCP port(s): 20:1000
--
which all looks good.

For fun, copy-paste the following shell commands and see if you are getting the correct results as shown:
--
$ echo "1.2.3.4-9" |cut -s -d'-' -f1 |awk -F'.' '{ print $NF }' |grep -e '[0-9]'
4

$ echo "1.2.3.4-9" |cut -s -d'-' -f2 |grep -e '[0-9]'
9

$  seq -s' ' 4 9
4 5 6 7 8 9

$ IFS=',' ; $(IFS=' ') ; echo "$IFS" ; unset IFS
,
--

Lonnie


On Apr 2, 2013, at 1:10 AM, Daniel Lindbeck wrote:

> Hi,
> 
> I'm having some issues with LAN_INET_HOST_OPEN_TCP/UDP in 2.0.1d.
> In 1.9.x I could specify IP-ranges like this:
> 
> LAN_INET_HOST_OPEN_TCP="
> 0/0>xxx.xxx.xxx.170-190~443
> xxx.xxx.xxx.160-169>0/0~0:65535
> xxx.xxx.xxx.10-35>0/0~20:1000"
> 
> And the errors I'm getting are:
> seq: invalid floating point argument: 99/0
> Try 'seq --help' for more information. Allowing xxx.xxx.xxx.160-169(LAN) to 0/0(INET) for TCP port(s): 0:65535
> 
> AND
> 
> ERROR (2): iptables v1.4.16.3: host/network `xxx.xxx.xxx.10
> 
> This configuration works fine in 1.9.x.
> Am I doing something wrong here?
> 
> / Daniel
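
The host-range expansion exercised by the cut/awk/seq commands above, as an added example that is not part of the original messages and is not arno-iptables-firewall code. It goes further than those commands by validating every octet before counting, so a mis-split value is rejected instead of reaching seq or iptables; `expand_host_range` and `is_octet` are hypothetical helper names.

```shell
# Added example; not arno-iptables-firewall code.
# expand_host_range and is_octet are hypothetical helper names.

# True only for a decimal 0-255 with no leading zero.
is_octet() {
  case $1 in
    ''|*[!0-9]*|????*|0?*) return 1 ;;
  esac
  [ "$1" -le 255 ]
}

# Expand "a.b.c.X-Y" into one address per line. Anything that is not a
# last-octet range (0/0, CIDR, hostnames, single addresses) is printed as-is.
# The body runs in a subshell, so the IFS change cannot leak to the caller.
expand_host_range() (
  host=$1
  case $host in
    *[!0-9.-]*) printf '%s\n' "$host"; return 0 ;;  # 0/0, CIDR, hostnames
    *-*) ;;                                         # range candidate
    *) printf '%s\n' "$host"; return 0 ;;           # single address
  esac

  base=${host%%-*}   # "1.2.3.4" from "1.2.3.4-9"
  last=${host#*-}    # "9"

  ok=yes
  case $base in *.) ok=no ;; esac   # trailing dot would hide a missing octet
  IFS=.
  set -- $base "$last"              # four octets plus the range end
  [ "$#" -eq 5 ] || ok=no
  for n in "$@"; do is_octet "$n" || ok=no; done

  [ "$ok" = yes ] && [ "$4" -le "$last" ] || {
    echo "invalid host range: $host" >&2
    return 1
  }

  i=$4
  while [ "$i" -le "$last" ]; do
    printf '%s.%s.%s.%s\n' "$1" "$2" "$3" "$i"
    i=$((i + 1))
  done
)
```
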


