[pkg-netfilter-team] Bug#1008567: ipset fails to lookup service name if it is not listed as tcp in /etc/services
Jeremy Sowden
azazel at debian.org
Sun Dec 21 13:23:27 GMT 2025
On 2022-03-28, at 12:45:23 -0400, Tony Lill wrote:
> Package: ipset
> Version: 7.10-1
> Severity: normal
>
> Dear Maintainer,
>
> When attempting to use a port name in ipset add, a number of them
> failed with
>
> ipset v7.10: Syntax error: 'bootpc' is invalid as number
>
> This seems to be because bootpc is only listed as a udp service in
> /etc/services. For any service listed as tcp, or both, ipset works
> as expected. Adding bootpc as a tcp service to /etc/services fixes the situation.
>
> Ipset should attempt to lookup the name as both tcp and udp, or /etc/services
> should return to listing all services as both tcp and udp..
Ports may be specified with or without a protocol. If no protocol is
given, it defaults to TCP. To add UDP bootpc, you need to do something
like:
# ipset create ports bitmap:port range 0-1024
# ipset add ports udp:bootpc
See the ipset(8) man-page for more details.
J.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 931 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-netfilter-team/attachments/20251221/689d9180/attachment.sig>
More information about the pkg-netfilter-team
mailing list