On Sat, Dec 12, 2009 at 10:07 PM, Hugh McDonald <hugh.sy...@shaw.ca> wrote:
> iptables verson 1.4.5-1 for amd64 ignores the address mask on
> source address arguments. "-s 192.168.1.0/24" is treated as
> "-s 192.168.1.0/0" both as reported by "iptables -L -n -v" and as
> seen in firewall logs. Version 1.4.4-2 function correctly.
r...@absolom:~# iptables -vt mangle -A PREROUTING -p tcp -s 192.168.1.0/24
tcp opt -- in * out * 192.168.1.0/24 -> 0.0.0.0/0
r...@absolom:~# iptables -t mangle -nvL
Chain PREROUTING (policy ACCEPT 16 packets, 4407 bytes)
pkts bytes target prot opt in out source
destination
0 0 tcp -- * * 192.168.1.0/24
0.0.0.0/0
It works for me with 1.4.5-1 on amd64, though with a 2.6.32 kernel.
Care to share the commands you use?
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
