Date: Tue, 29 Nov 2005 09:49:00 +0100
From: Daniel Hartmeier <daniel@benzedrine.cx>
To: Forrest Aldrich <forrie@forrie.com>
Cc: freebsd-pf@freebsd.org
Subject: Re: Using / notation in tables?
Message-ID: <20051129084900.GA23781@insomnia.benzedrine.cx>
In-Reply-To: <438BF404.7030009@forrie.com>
References: <438BF404.7030009@forrie.com>

On Tue, Nov 29, 2005 at 01:24:04AM -0500, Forrest Aldrich wrote:

> Is it not valid to specify in a file based table:
>
>     11.22.33.0/24
>
> using slash notation?
>
> I looked at the PF page, and it seems ambiguous about whether this is
> valid or not.

It's valid:

  # cat file
  1.2.3.4
  11.22.33.0/24
  5.6.7.8
  # pfctl -t foo -Tr -f file
  1 table created.
  3 addresses added.
  # pfctl -t foo -Ts
     1.2.3.4
     5.6.7.8
     11.22.33.0/24
  # pfctl -t foo -vTt 11.22.33.44
  1/1 addresses match.
     M 11.22.33.44

> I'm guessing not, since I just created a GeoIP table (file-based) which
> has slash notation in it, and I'm getting spam hits from one of the
> networks already/still.

Then something else is wrong, either the rule using the table doesn't
match (for some other reason than the table not matching), or another
rule is the last matching rule for that connection. Either way, the
CIDR notation in the table is not the problem.

Daniel
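
The second cause named in the reply above (another rule being the last matching rule), shown as an added pf.conf sketch that is not part of the original message. The interface name, table name and file path are assumptions; the addresses are the ones used in the message.

```conf
# Added example; ext_if, <spammers> and the file path are assumptions.
ext_if = "em0"

# File-based table. The file may mix single hosts and CIDR networks,
# one per line, e.g. 1.2.3.4, 11.22.33.0/24, 5.6.7.8.
table <spammers> persist file "/etc/pf.spammers"

# Weak ordering: pf applies the LAST matching rule. For SMTP from
# 11.22.33.44 the block rule matches, but the pass rule after it also
# matches and is the one that decides, so the connection is passed.
#
#   block in on $ext_if proto tcp from <spammers> to any port smtp
#   pass  in on $ext_if proto tcp from any to any port smtp keep state

# Corrected: "quick" stops rule evaluation at this rule when it matches,
# so a table hit is final regardless of the pass rule that follows.
block in quick on $ext_if proto tcp from <spammers> to any port smtp
pass  in       on $ext_if proto tcp from any to any port smtp keep state

# Checks, run as root:
#   pfctl -t spammers -vTt 11.22.33.44   # does the table match the address?
#   pfctl -vvsr                          # per-rule counters: which rules matched
```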
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20051129084900.GA23781>