Re: ipf question

• Previous message: Erick Mechler: "Re: ipf question"
• In reply to: Erick Mechler: "Re: ipf question"
• Next in thread: Erick Mechler: "Re: ipf question"
• Reply: Erick Mechler: "Re: ipf question"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: muc-lists-freebsd-security@moderators.muc.de
Date: 19 Jan 2005 18:36:50 GMT

["Followup-To:" header set to muc.lists.freebsd.security.]
»Erick Mechler« <emechler@techometer.net> wrote:
> :: pass in quick on xl0 proto tcp/udp from any to any port 137 <> 139 keep
> :: state
>
> This line allows in all tcp and udp ports less than 137 and greater than
> 139, which is exactly what you don't want :) If you want to allow all
> ports 137-139 inclusive, you need to change it to
>
> ... port 136 >< 140 keep state
>
> The < and > operators are not inclusive.

I know it has been defined like that. But why?

Why wasn't an inclusive .. operator used? There must be a reason for this, but
which one is it?
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"

• Previous message: Erick Mechler: "Re: ipf question"
• In reply to: Erick Mechler: "Re: ipf question"
• Next in thread: Erick Mechler: "Re: ipf question"
• Reply: Erick Mechler: "Re: ipf question"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]