Re: [Shorewall-users] shorewall logdrop <access>

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

On 8/30/10 11:56 PM, j20...@js... wrote:
> This is shorewall 4.4.8.
> This command seems valid:
> shorewall logdrop 220.233.240.0/32
> and I would expect the command to block the group of 256 addresses.

How could you possibly expect that? /32 means *one address* (mask
0xffffffff). If you want to block the class C network, then you need /24
(mask 0xffffff00).

-Tom
-- 
Tom Eastep        \ When I die, I want to go like my Grandfather who
Shoreline,         \ died peacefully in his sleep. Not screaming like
Washington, USA     \ all of the passengers in his car
http://shorewall.net \________________________________________________