Re: [Fwbuilder-discussion] fwb 3.0 questions
Brought to you by:
mikehorn
From: Vadim K. <va...@vk...> - 2008-09-24 05:17:05
|
On Sep 24, 2008, at 6:42 AM, Tom Diehl wrote: >> >> The problem I've noticed is that any new IPv4 objects after 3.0.x >> have >> the property netmask="0.0.0.0". The pre-3.0.x IPv4 objects >> continue to >> have netmask="255.255.255.255". > > The 0.0.0.0 thing appears to me to be wrong. The first time I got > this, I > locked a bunch of people out of a network. 255.255.255.255 seems to > me to > be a much better default. At least that way other services can still > function, > even if the default netmask is not what you want on a particular rule. the IPv4 object indeed has netmask but it is only ever used if this object is a child of an Interface object. The value of the netmask of a standalone IPv4 object is irrelevant. I can make the GUI hide it if it is confusing. Could you elaborate a little on how did you locked people off the network because of this ? I must have missed a case where this netmask is used. --vk |