From owner-freebsd-isp  Thu Nov 30 22:16:45 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from mailhost01.reflexnet.net (mailhost01.reflexnet.net [64.6.192.82])
	by hub.freebsd.org (Postfix) with ESMTP
	id 3928037B400; Thu, 30 Nov 2000 22:16:42 -0800 (PST)
Received: from 149.211.6.64.reflexcom.com ([64.6.211.149]) by mailhost01.reflexnet.net  with Microsoft SMTPSVC(5.5.1877.197.19);
	 Thu, 30 Nov 2000 22:15:05 -0800
Received: (from cjc@localhost)
	by 149.211.6.64.reflexcom.com (8.11.0/8.11.0) id eB16GVh13992;
	Thu, 30 Nov 2000 22:16:31 -0800 (PST)
	(envelope-from cjc)
Date: Thu, 30 Nov 2000 22:16:31 -0800
From: "Crist J . Clark" <cjclark@reflexnet.net>
To: "Rodney W. Grimes" <freebsd@gndrsh.dnsmgr.net>
Cc: Dan Babb <bdan@c-zone.net>,
	"Jonathan M. Slivko" <jon_slivko@simphost.com>,
	freebsd-security@FreeBSD.ORG, freebsd-isp@FreeBSD.ORG
Subject: Re: Danger Ports
Message-ID: <20001130221631.E99903@149.211.6.64.reflexcom.com>
Reply-To: cjclark@alum.mit.edu
References: <Pine.BSF.4.21.0011292044170.36849-100000@flux.c-zone.net> <200011301743.JAA44928@gndrsh.dnsmgr.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 1.0i
In-Reply-To: <200011301743.JAA44928@gndrsh.dnsmgr.net>; from freebsd@gndrsh.dnsmgr.net on Thu, Nov 30, 2000 at 09:43:57AM -0800
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On Thu, Nov 30, 2000 at 09:43:57AM -0800, Rodney W. Grimes wrote:

[snip]

> > access-list 110 deny   ip 172.16.0.0 0.15.255.255 any log
> > access-list 110 deny   ip 172.31.0.0 0.0.255.255 any log

> access-list 110 deny   ip any 172.16.0.0 0.15.255.255 log
> access-list 110 deny   ip any 172.31.0.0 0.0.255.255 log

Is it me? Isn't the second network in each a subset of the first?
-- 
Crist J. Clark                           cjclark@alum.mit.edu


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message