[grsec] full learning, role_allow_ip: useless entries in policy?
Marc Schiffbauer
marc at schiffbauer.net
Wed Jun 22 13:14:14 EDT 2005
* Marcelo Bartsch schrieb am 22.06.05 um 18:30 Uhr:
> Marc, short answer, is not the same.
>
> long answer, 0.0.0.0/32 is a lot different from 0.0.0.0/0, /32 means
> only packet comming from or to ip = 0.0.0.0, so it's nor redundant, i
> think 0.0.0.0/32 is IP_ADDRANY alias, but some one can correct me if i'm
> wrong.
Yes, right. I was looking for 0.0.0.0/0
I wonder how long the list of IPs has to be until gradm reduces them.
-Marc
--
+------------------------------------------------------------------+
| --> http://www.links2linux.de <-- |
| |
+---Registered-Linux-User-#136487------------http://counter.li.org +
More information about the grsecurity
mailing list