tech-net archive


Re: Proposal to apply mask to IP address set on rule





On 21 May 2025, at 10:11 PM, Greg Troxel <gdt%lexort.com@localhost> wrote:

> Emmanuel Nyarko <emmankoko519%gmail.com@localhost> writes:
>
>> I think a simple warning will do. That rightmost bits are not 0s.
>
> Certainly better than silent failure, but I think one should be able to
> use prefixes like 192.168.1.7/24.  As I said, that is a way of
> documenting that it was .7 that got it added, but that the intent was
> to block the neighborhood.

Very good case here. I couldn't agree more.

But I think that's information you cannot easily know sometimes. Or?
Especially when dealing with incident responses after you suspect malicious activities from a source IP and are maybe trying to block it. It might be from a different network, etc. So it should probably warn to use a .0 when adding a mask.

Emmanuel
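
The behaviour discussed in this thread (accept a prefix such as 192.168.1.7/24, apply the mask, and warn that the rightmost bits were not zero) can be sketched as follows. This is an added example, not code from the thread or from any NetBSD source; `parse_prefix` is a hypothetical helper and handles IPv4 only.

```c
#include <arpa/inet.h>
#include <ctype.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper, IPv4 only. Returns -1 if malformed, 0 if the address is
 * already the network address, 1 if host bits were set and have been cleared.
 * *net receives the masked address in host byte order. */
int parse_prefix(const char *s, uint32_t *net, unsigned *len)
{
	char buf[INET_ADDRSTRLEN], *end;
	struct in_addr in;
	const char *slash = strchr(s, '/');
	unsigned long l;
	uint32_t addr, mask;
	if (slash == NULL || (size_t)(slash - s) >= sizeof(buf))
		return -1;
	memcpy(buf, s, (size_t)(slash - s));
	buf[slash - s] = '\0';
	if (inet_pton(AF_INET, buf, &in) != 1 || !isdigit((unsigned char)slash[1]))
		return -1;
	l = strtoul(slash + 1, &end, 10);
	if (*end != '\0' || l > 32)
		return -1;
	/* Shifting a 32-bit value by 32 is undefined in C, so /0 is handled apart. */
	mask = (l == 0) ? 0 : (uint32_t)(0xffffffffu << (32 - l));
	addr = ntohl(in.s_addr);
	*net = addr & mask;
	*len = (unsigned)l;
	return (addr & ~mask) != 0;
}

int main(void)
{
	/* Constructed sample inputs, not taken from any real ruleset. */
	const char *rules[] = { "192.168.1.7/24", "192.168.1.0/24", "10.1.2.3/33" };
	for (size_t i = 0; i < sizeof(rules) / sizeof(rules[0]); i++) {
		uint32_t net; unsigned len; struct in_addr a; char out[INET_ADDRSTRLEN];
		int r = parse_prefix(rules[i], &net, &len);
		if (r < 0) { printf("%s: rejected\n", rules[i]); continue; }
		a.s_addr = htonl(net);
		inet_ntop(AF_INET, &a, out, sizeof(out));
		printf("%s -> %s/%u%s\n", rules[i], out, len,
		    r ? " (warning: host bits were set)" : "");
	}
	return 0;
}
```

The return value keeps "masked with a warning" separate from "rejected", so a caller can log the original host address alongside the network that was actually matched.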






