15 Apr
2010
15 Apr
'10
1:51 p.m.
2010/4/15 Juha Heinanen <jh(a)tutpro.com>om>:
Juha Heinanen writes:
I assume that in case two entries share the same ip_addr but different
mask, then the match would be priorized to the entry with greatest
mask value, am I right? This is:
1) 1.2.3.0 / 24
2) 1.2.3.4 / 32
If the source IP is 1.2.3.4 then I expect permissions module to
retrieve the second entry (as it mask value is the greatest one of all
the entries matching the source IP).
Same could be done with the port: If two entries share the same
ip_addr and mask, then that with port != 0 would have priority. Does
it make sense?
--
Iñaki Baz Castillo
<ibc(a)aliax.net>
i think that grp should also be included in the
unique key.
as well as port, but things get tricky, since port can be 0 that matched
all ports.