[grsec] full learning, role_allow_ip: useless entries in policy?

Marc Schiffbauer marc at schiffbauer.net
Wed Jun 22 06:31:23 EDT 2005


Hi Brad,

in a policy generated by full learning (2.1.5) I see that:

role userxy u
role_allow_ip   217.248.220.113/32
role_allow_ip   217.248.222.105/32
role_allow_ip   217.248.222.58/32
role_allow_ip   217.248.222.86/32
role_allow_ip   217.248.223.153/32
role_allow_ip   217.248.227.179/32
role_allow_ip   62.134.108.35/32
role_allow_ip   62.180.184.31/32
role_allow_ip   62.180.184.53/32
role_allow_ip   62.180.32.20/32
role_allow_ip   62.180.32.63/32
role_allow_ip   0.0.0.0/32


Is this not the same as just writing only following two lines?

role userxy u
role_allow_ip   0.0.0.0/32


Cheers
-Marc
-- 
######################################################
#   <Raize> can you guys see what I type?            #
#   <vecna> no, raize                                #
#   <Raize> How do I set it up so you can see it?    #


More information about the grsecurity mailing list