Wouldn't something along the lines of this accomplish that?
priority=1001,nw_src=10.0.0.10,action=drop
priority=1000,nw_src=10.0.0.0/24,action=normal
--Justin
On Aug 17, 2011, at 10:38 AM, Masoud Moshref Javadi wrote:
> Thank you for your answer.
> Suppose that we have two rules: first, permits packet from 10.0.0.0/24 and
> the other denies packets from 10.0.0.10 (with higher priority). Is there any
> way to partition this space efficiently into non-overlapping rules?
>
> On 8/17/2011 8:33 AM, Justin Pettit wrote:
>> There's support for IP address CIDR blocks. Currently, there is no way to
>> specify groups of ports; see the thread titled "Port range masking" on this
>> list from a couple of weeks ago on the subject:
>>
>> http://openvswitch.org/pipermail/discuss/2011-August/005486.html
>>
>> If you have thoughts on the subject, please respond to that thread.
>>
>> --Justin
>>
>>
>> On Aug 17, 2011, at 6:04 AM, Masoud Moshref Javadi wrote:
>>
>>> Is there any support for arbitrary ranges for rules, for IP addresses or
>>> port/protocol numbers. I mean something like 10.0.0.0 to 10.0.0.10.
>>> If no, is there any plan for it?
>>> _______________________________________________
>>> discuss mailing list
>>> discuss@openvswitch.org
>>> http://openvswitch.org/mailman/listinfo/discuss
_______________________________________________
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss
