Re: Proposal to apply mask to IP address set on rule

To: Greg Troxel <gdt%lexort.com@localhost>
Subject: Re: Proposal to apply mask to IP address set on rule
From: Vadim Goncharov <vadimnuclight%gmail.com@localhost>
Date: Sat, 24 May 2025 18:53:44 +0300

On Sat, 24 May 2025 06:35:53 -0400
Greg Troxel <gdt%lexort.com@localhost> wrote:

> It would be good if someone(tm) surveyed the N firewalls out there (all,
> not just ones that run on NetBSD) to see what the broad practice is
> about non-zero host bits.  My experience is somewhat limited, but I've
> never run into errors or warnings.

As for FreeBSD 13.4's ipfw, it masks on add and echoes it back:

# ipfw add 2345 deny ip from 192.168.64.7/24 to any // tech-net%NetBSD.org@localhost
02345 deny ip from 192.168.64.0/24 to any // tech-net%NetBSD.org@localhost

-- 
WBR, @nuclight

Follow-Ups:
- Re: Proposal to apply mask to IP address set on rule
  - From: Emmanuel Nyarko

References:
- Proposal to apply mask to IP address set on rule
  - From: Emmanuel Nyarko
- Re: Proposal to apply mask to IP address set on rule
  - From: Christoph Badura
- Re: Proposal to apply mask to IP address set on rule
  - From: Emmanuel Nyarko
- Re: Proposal to apply mask to IP address set on rule
  - From: Mouse
- Re: Proposal to apply mask to IP address set on rule
  - From: Emmanuel Nyarko
- Re: Proposal to apply mask to IP address set on rule
  - From: Greg Troxel

Prev by Date: Re: Proposal to apply mask to IP address set on rule
Next by Date: Re: Proposal to apply mask to IP address set on rule
Previous by Thread: Re: Proposal to apply mask to IP address set on rule
Next by Thread: Re: Proposal to apply mask to IP address set on rule
Indexes:

Home | Main Index | Thread Index | Old Index