On 21 May 2025, at 11:17 PM, Greg Troxel <gdt%lexort.com@localhost> wrote:
Emmanuel Nyarko <emmankoko519%gmail.com@localhost> writes:On 21 May 2025, at 10:11 PM, Greg Troxel <gdt%lexort.com@localhost> wrote:
Emmanuel Nyarko <emmankoko519%gmail.com@localhost> writes:
I think a simple warning will do. That rightmost bits are not 0s.
Certainly better than silent failure, but I think one should be able to
use prefixes like 192.168.1.7/24. As I said, that is a way of
documenting that it was .7 that got it added, but that the intent was
to block the neighborhood.
Very good case here.i couldn’t agree more.
But I think that’s an information you can not easily know sometimes. Or ?
Especially when dealing with incident responses after you’re suspecting malicious activities from a source ip and maybe trying to block. Might be from a diff network, etc. so should probably warn to use a .0 when adding a mask.
I am not saying it should be required, or any kind of rule. If someonewants to put in a subnet with 0 in the host part because that's whatthey are thinking about, that's totally fine. I just meant that puttingin a host should be acceptable.
I get it !!!!! Thanks very much for the feedback.
|