[j-nsp] 8bit port bug on firewall filters?
Scott A. McIntyre
scott at xs4all.net
Mon Sep 13 03:13:59 EDT 2004
Hi,
Over the weekend whilst experimenting with a recently upgraded M40 to JUNOS
6.4R1.6, I found what appears to be a bug with the ability to take integer
specified port numbers and ranges, namely, it's stuck with an 8 bit value.
No port number great than 255 can be entered:
scott at xr1.dmn# set term test from destination-port [ 1 2 3 4 250 254 255 256
^
range: '256': invalid value at '256'
scott at xr1.dmn# set term test from destination-port [ 1 2 3 4 250 254 255
256
The exception seems to be if the port is defined in the internal list of
named ports:
scott at xr1.dmn# set term test from destination-port [ 250 login kshell nntp
pptp ]
This definitely Isn't Right. Feels like a monday-morning-bug of someone
vi-ing proto.c instead port.c to set the 8bit max value.
Anyway, anyone else seen this, or better still, have a workaround? It's
rather holding up our upgrade plans...
Thanks,
Scott A. McIntyre
XS4ALL Internet B.V.
More information about the juniper-nsp
mailing list