Re: CIDR Notation in ACL -- silent failure

Hi Michael, On Tue, Apr 12, 2016 at 08:12:48PM -0400, Michael Ezzell wrote: > On Apr 12, 2016 8:09 AM, "Willy Tarreau" wrote: > > > > > I learned it 18 years ago when QNX was shipping a fully working OS and > browser > > on a single diskette. The browser used to connect to

Re: CIDR Notation in ACL -- silent failure

On Wed, Apr 13, 2016 at 12:37:37AM +0200, Daniel Schneller wrote: > > > On 12.04.2016, at 14:07, Willy Tarreau wrote: > > > >> I will at least provide a documentation patch then, soon. > > > > OK. > > As promised, a few words, hopefully clarifying things in the docs. That's very

Re: CIDR Notation in ACL -- silent failure

On Apr 12, 2016 8:09 AM, "Willy Tarreau" wrote: > > I learned it 18 years ago when QNX was shipping a fully working OS and browser > on a single diskette. The browser used to connect to http://127.1/ and since > then I don't think I have ever typed 127.0.0.1 anymore. Same for most

Re: CIDR Notation in ACL -- silent failure

On 12.04.2016, at 14:07, Willy Tarreau wrote:I will at least provide a documentation patch then, soon.OK.As promised, a few words, hopefully clarifying things in the docs. 0001-DOC-Clarify-IPv4-address-mask-notation-rules.patch Description: Binary data Cheers,Daniel

Re: CIDR Notation in ACL -- silent failure

Hi Daniel, On Tue, Apr 12, 2016 at 01:47:25PM +0200, Daniel Schneller wrote: > Hi Willy! > > Thanks for looking into this. As mentioned in an earlier post I don???t have > any relevant C skills (but have been writing Java other languages); but still > I went into the code, telling myself ???how

Re: CIDR Notation in ACL -- silent failure

Hi Willy! Thanks for looking into this. As mentioned in an earlier post I don’t have any relevant C skills (but have been writing Java other languages); but still I went into the code, telling myself “how hard could it be to add a warning for less than three dots with a mask”. I quickly

Re: CIDR Notation in ACL -- silent failure

Hi guys, On Sat, Apr 09, 2016 at 03:38:39PM +0200, Pavlos Parissis wrote: > On 09/04/2016 02:59 , Daniel Schneller wrote: > > Hi Pavlos! > > > >> On 09.04.2016, at 11:39, Pavlos Parissis > >> wrote: > >> > >> On 08/04/2016 11:59 , Daniel Schneller wrote: >

Re: CIDR Notation in ACL -- silent failure

On 09/04/2016 02:59 μμ, Daniel Schneller wrote: > Hi Pavlos! > >> On 09.04.2016, at 11:39, Pavlos Parissis >> wrote: >> >> On 08/04/2016 11:59 πμ, Daniel Schneller wrote: >>> Hi! >>> >>> I noticed that while this ACL matches my source IP of >>> 192.168.42.123: >>>

Re: CIDR Notation in ACL -- silent failure

Hi Pavlos! > On 09.04.2016, at 11:39, Pavlos Parissis wrote: > > On 08/04/2016 11:59 πμ, Daniel Schneller wrote: >> Hi! >> >> I noticed that while this ACL matches my source IP of 192.168.42.123: >> >> acl src_internal_net src 192.168.42.0/24 >> >> this one

Re: CIDR Notation in ACL -- silent failure

On 08/04/2016 11:59 πμ, Daniel Schneller wrote: > Hi! > > I noticed that while this ACL matches my source IP of 192.168.42.123: > > acl src_internal_net src 192.168.42.0/24 > > this one does _not_: > > acl src_internal_net src 192.168.42/24 > > While not strictly part of RFC 4632

CIDR Notation in ACL -- silent failure

Hi! I noticed that while this ACL matches my source IP of 192.168.42.123: acl src_internal_net src 192.168.42.0/24 this one does _not_: acl src_internal_net src 192.168.42/24 While not strictly part of RFC 4632 (yet), leaving out trailing .0 octets is a very common notation and is