On Sunday 18 July 2004 11:10 pm, Mail Lists wrote:
> More details - firewall generated by a script - this is the
> what the script actually runs ... I've removed some (hopefully)
> not relevant bits and heres the remainder of script output.
You have some *really* weird netmasks in this list. For example:
> # User defined Chains ...
> # Drop reserved, broadcast rfc 1918 etc
>
> iptables -A INPUT -s 1.0.0.0/7 -i eth1 -j cRES_LDROP
> iptables -A INPUT -s 173.0.0.0/5 -i eth1 -j cRES_LDROP
> iptables -A INPUT -s 181.0.0.0/6 -i eth1 -j cRES_LDROP
> iptables -A INPUT -s 185.0.0.0/7 -i eth1 -j cRES_LDROP
> iptables -A INPUT -s 189.0.0.0/7 -i eth1 -j cRES_LDROP
The first first octet of all the above addresses is an odd number; therefore
the LSB = 1, therefore any netmask shorter than 8 bits is inappropriate.
Regards,
Antony.
--
RTFM may be the appropriate reply, but please specify exactly which FM to R.
Please reply to the list;
please don't CC me.
