> This entry in /etc/ipchains.input appears to do as I need: > > $IPCH -I input -j DENY -p all -s 0/0 -d 255.255.255.255 -i $EXTERN_IF > > One thing that concerns me is this statement from man ipchains: > > ``The mask can be either a network mask or a plain number, specifying > the number of 1's at the left side of the network mask. Thus, a mask > of 24 is equivalent to 255.255.255.0.'' > > Do I need to specify /32?
No. If you don't specify a netmask (or masklength), IPChains treats the IP as a single host (ie the default netmask is /32 or 255.255.255.255 if it is not provided). Charles Steinkuehler http://lrp.steinkuehler.net http://c0wz.steinkuehler.net (lrp.c0wz.com mirror) _______________________________________________ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
