[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Unexpected Behaviour ? pf "quick" in negated ranges

To: misc_(_at_)_openbsd_(_dot_)_org
Subject: Re: Unexpected Behaviour ? pf "quick" in negated ranges
From: Rod Dorman <rodd_(_at_)_polylogics_(_dot_)_com>
Date: Sat, 15 May 2004 11:38:18 -0400
Organization: Polylogics Consulting
Reply-to: Rod Dorman <rodd_(_at_)_polylogics_(_dot_)_com>

On Saturday, May 15, 2004, 04:48:26, sk wrote:
>>    block in quick from { 192.168.0.0/24, ! 192.168.11.11 } to any
>> the rule expands o parsing by pfctl to:
>>    block in quick from 192.168.0.0/24 to any
>>    block in quick from ! 192.168.11.11 to any
>> which leads to a highly undesirable result.
>
> um, what's the "highly undesirable result"?

Since the he stated
> This blocks in everything on 192.168 except 192.168.11.11, as
> expected.

I would assume the 'undesirable' part is 192.168.11.11 being blocked.

-- 
rodd_(_at_)_polylogics_(_dot_)_com     "The avalanche has already started, it is too
Rod Dorman              late for the pebbles to vote." ? Ambassador Kosh

References:
- Unexpected Behaviour ? pf "quick" in negated ranges
  - From: Victor Lee

Prev by Date: Re: XML tools for OpenBSD
Next by Date: intel releases a fix for buffer-overflows
Previous by thread: Unexpected Behaviour ? pf "quick" in negated ranges
Next by thread: Wi-fi filtering problem
Index(es):
- Date
- Thread

Visit your host, monkey.org