Re: Possibly dangerous interpretation of address/prefix pair in -s option

Stefan Riha <stefan@xxxxxxxxx> writes:

> Hi,
> 
> I'm a beginner and noticed that when I do e.g.
> 
> iptables -A INPUT ... -s 10.0.0.2/24 ...
> 
> this gets interpreted as "allow from source 10.0.0.0/24" i.e. from the
> entire network. I think it would be more beginner-proof if iptables
> would interpret this as incorrect input and error. Or at least,

I am afraid that you will not find allies here.
Interpreting this as bitmask notation is quite a long tradition, and I am
afraid that no one wants to put extra code here.

KJ



-- 
http://stopstopnop.pl/stop_stopnop.pl_o_nas.html
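
As an added example (not part of the original thread and not iptables code): a small Python lint that flags `-s`/`-d` arguments whose host bits are set and reports the network the rule will actually match, which is the masking behaviour discussed above. The sample rule lines and the function name are constructed for illustration.

```python
import ipaddress
import shlex

# Constructed sample rule lines, as they might be typed in a firewall script.
SAMPLE_RULES = """\
-A INPUT -s 10.0.0.2/24 -p tcp --dport 22 -j ACCEPT
-A INPUT -s 10.0.0.0/24 -p tcp --dport 80 -j ACCEPT
-A INPUT -s 192.168.1.77/255.255.255.0 -j ACCEPT
-A INPUT -s 10.0.0.2/32 -j ACCEPT
-A INPUT ! -s 172.16.5.9/16 -d 10.1.2.3 -j DROP
"""

# Option spellings iptables accepts for source and destination addresses.
ADDR_FLAGS = {"-s", "--source", "--src", "-d", "--destination", "--dst"}


def find_masked_host_bits(rules_text):
    """Return (line_no, flag, as_written, effective_network) for every
    address/mask whose host bits are set and will be masked off."""
    findings = []
    for line_no, line in enumerate(rules_text.splitlines(), start=1):
        if line.lstrip().startswith("#"):
            continue  # comment line
        tokens = shlex.split(line)
        for flag, value in zip(tokens, tokens[1:]):
            if flag not in ADDR_FLAGS:
                continue
            for spec in value.split(","):  # comma-separated address lists
                try:
                    iface = ipaddress.ip_interface(spec)
                except ValueError:
                    continue  # hostname or malformed value: not checked here
                if iface.ip != iface.network.network_address:
                    findings.append((line_no, flag, spec, str(iface.network)))
    return findings


if __name__ == "__main__":
    for line_no, flag, spec, net in find_masked_host_bits(SAMPLE_RULES):
        print(f"line {line_no}: {flag} {spec} matches the whole network {net}")
```
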


