bugzilla-daemon at bugzilla.netfilter.org
2012-Apr-26 04:24 UTC
[Bug 783] New: ipset fails to parse port names with hyphen for bitmap:port type
http://bugzilla.netfilter.org/show_bug.cgi?id=783
Summary: ipset fails to parse port names with hyphen for
bitmap:port type
Product: ipset
Version: unspecified
Platform: All
OS/Version: Debian GNU/Linux
Status: NEW
Severity: normal
Priority: P5
Component: default
AssignedTo: netfilter-buglog at lists.netfilter.org
ReportedBy: vgsinha at gmail.com
Estimated Hours: 0.0
Overview:
The problem is seen with adding port names that contain a hyphen, to an ipset,
for example http-alt or snmp-trap. It seems that the ipset command is treating
it as a range.
Steps to Reproduce:
1. Create an ipset that uses bitmap:port of range from 1 to 65535.
2. Add a portname to this ipset using ipset -A. Use a port name that has
hyphen, for example http-alt.
Actual Results:
ipset threw an error, "ipset v6.11: Syntax error: 'alt' is invalid
as number".
Expected Results:
ipset should add port 8080 to the list of members.
Build Date & Platform:
Initially saw it on 6.9. Tested again on 6.11 on Debian Sid, testing.
Additional Builds and Platforms:
Don't know.
Additional Information:
pasting output of my testing here.
-------terminal output-------
root at debian:/home/gaurav# ipset -L
root at debian:/home/gaurav# ipset -N test bitmap:port --from 1 to 65535
root at debian:/home/gaurav# ipset -L
Name: test
Type: bitmap:port
Header: range 1-65535
Size in memory: 8260
References: 0
Members:
root at debian:/home/gaurav# ipset -A test snmp
root at debian:/home/gaurav# ipset -L
Name: test
Type: bitmap:port
Header: range 1-65535
Size in memory: 8260
References: 0
Members:
161
root at debian:/home/gaurav# ipset -A test snmp-trap
ipset v6.11: Syntax error: 'trap' is invalid as number
Syntax error: cannot parse 'trap' as a tcp port
root at debian:/home/gaurav#
root at debian:/home/gaurav# ipset -A test 162
root at debian:/home/gaurav# ipset -L
Name: test
Type: bitmap:port
Header: range 1-65535
Size in memory: 8260
References: 0
Members:
161
162
root at debian:/home/gaurav# ipset -A test http-alt
ipset v6.11: Syntax error: 'alt' is invalid as number
Syntax error: cannot parse 'alt' as a tcp port
root at debian:/home/gaurav#
root at debian:/home/gaurav# cat /etc/services | grep http-alt
http-alt 8080/tcp webcache # WWW caching service
http-alt 8080/udp
root at debian:/home/gaurav# ipset -A test 1080
root at debian:/home/gaurav#
root at debian:/home/gaurav# ipset -L
Name: test
Type: bitmap:port
Header: range 1-65535
Size in memory: 8260
References: 0
Members:
161
162
1080
----
--
Configure bugmail: http://bugzilla.netfilter.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
You are watching all bug changes.
bugzilla-daemon at bugzilla.netfilter.org
2012-Apr-26 10:11 UTC
[Bug 783] ipset fails to parse port names with hyphen for bitmap:port type
http://bugzilla.netfilter.org/show_bug.cgi?id=783
Jozsef Kadlecsik <kadlec at netfilter.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |kadlec at netfilter.org
--- Comment #1 from Jozsef Kadlecsik <kadlec at netfilter.org> 2012-04-26
12:11:42 CEST ---
Please read the ipset manpage: host and service names with a dash in the name
must be esacped using square brackets.
--
Configure bugmail: http://bugzilla.netfilter.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
You are watching all bug changes.
bugzilla-daemon at bugzilla.netfilter.org
2012-Apr-26 19:02 UTC
[Bug 783] ipset fails to parse port names with hyphen for bitmap:port type
http://bugzilla.netfilter.org/show_bug.cgi?id=783
Gaurav Sinha <vgsinha at gmail.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |INVALID
--- Comment #2 from Gaurav Sinha <vgsinha at gmail.com> 2012-04-26
21:02:56 CEST ---
This bug is invalid, it worked fine with square brackets.
--
Configure bugmail: http://bugzilla.netfilter.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
You are watching all bug changes.
Maybe Matching Threads
- [Bug 838] New: ipset add foo syslog fails for bitmap:port
- [Bug 859] New: bitmap:port appears to be using 8 bytes of kernel memory per port, rather than 1 bit.
- [Bug 1750] New: 'ipset save' does not save in format loadable by systemd (it saves in 'ipset list' format)
- [Bug 1081] New: /tmp/ccKT2Q7s.o: In function `help': ipset.c:(.text+0x27c): undefined reference to `ipset_envopts'
- [Bug 1719] New: ipset wrongly blocking undefined ranges and not blocking ranges that are defined