[grsec] full learning, role_allow_ip: useless entries in policy?

Marc Schiffbauer marc at schiffbauer.net
Wed Jun 22 13:14:14 EDT 2005


* Marcelo Bartsch schrieb am 22.06.05 um 18:30 Uhr:
> Marc, short answer, is not the same.
> 
> long answer, 0.0.0.0/32 is a lot different from 0.0.0.0/0, /32 means
> only packet comming from or to ip = 0.0.0.0, so it's nor redundant, i
> think 0.0.0.0/32 is IP_ADDRANY alias, but some one can correct me if i'm
> wrong.

Yes, right. I was looking for 0.0.0.0/0

I wonder how long the list of IPs has to be until gradm reduces them.

-Marc

-- 
+------------------------------------------------------------------+
|              --> http://www.links2linux.de <--                   |
|                                                                  |
+---Registered-Linux-User-#136487------------http://counter.li.org +


More information about the grsecurity mailing list