From: Tom E. <te...@sh...> - 2010-08-31 13:43:05
|
On 8/30/10 11:56 PM, j20...@js... wrote: > This is shorewall 4.4.8. > This command seems valid: > shorewall logdrop 220.233.240.0/32 > and I would expect the command to block the group of 256 addresses. How could you possibly expect that? /32 means *one address* (mask 0xffffffff). If you want to block the class C network, then you need /24 (mask 0xffffff00). -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ |