Using / notation in tables?
Daniel Hartmeier
daniel at benzedrine.cx
Tue Nov 29 08:49:12 GMT 2005
On Tue, Nov 29, 2005 at 01:24:04AM -0500, Forrest Aldrich wrote:
> Is it not valid to specify in a file based table:
>
> 11.22.33.0/24
>
> using slash notation?
>
> I looked at the PF page, and it seems ambiguous about whether this is
> valid or not.

It's valid:

  # cat file
  1.2.3.4
  11.22.33.0/24
  5.6.7.8
  # pfctl -t foo -Tr -f file
  1 table created.
  3 addresses added.
  # pfctl -t foo -Ts
  1.2.3.4
  5.6.7.8
  11.22.33.0/24
  # pfctl -t foo -vTt 11.22.33.44
  1/1 addresses match.
  M 11.22.33.44

> I'm guessing not, since I just created a GeoIP table (file-based) which
> has slash notation in it, and I'm getting spam hits from one of the
> networks already/still.

Then something else is wrong, either the rule using the table doesn't
match (for some other reason than the table not matching), or another
rule is the last matching rule for that connection. Either way, the CIDR
notation in the table is not the problem.

Daniel
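
The "another rule is the last matching rule" case from the reply above, as an added pf.conf example that is not part of the original thread. The interface macro, the table name <geoip> and the file path are assumptions made for illustration.

```conf
# Constructed example; ext_if, the table name and the file path are assumptions.
ext_if = "em0"

# File-based table. Entries may be single hosts or CIDR networks
# such as 11.22.33.0/24.
table <geoip> persist file "/etc/pf.geoip"

# --- Ordering that lets the unwanted traffic through ---
# pf applies the LAST matching rule. An SMTP connection from an address in
# <geoip> matches the block rule, then also matches the pass rule below it,
# so the pass rule decides and the connection is accepted even though the
# table lookup succeeded.
#
# block in on $ext_if from <geoip> to any
# pass  in on $ext_if proto tcp from any to any port 25 keep state

# --- Corrected ---
# "quick" stops rule evaluation at the first match, so later pass rules
# cannot override the block for addresses in the table.
block in quick on $ext_if from <geoip> to any
pass  in on $ext_if proto tcp from any to any port 25 keep state
```

Running `pfctl -vsr` prints evaluation and packet counters per rule, which shows whether the block rule or a later pass rule is the one actually handling the connection.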