CIDR notation is for addresses, not for names. That host/mask works with
iptables is unintended functionality. In other words, a bug.
> On Jul 26, 2017, at 00:04, Miroslav Lichvar <mlich...@redhat.com> wrote:
> On Tue, Jul 25, 2017 at 06:36:26PM +0000, Parker, Michael D. wrote:
>> BTW, I have use this format in specifying network ranges in IPTABLES
>> without a problem (EX: -A INPUT -s mynetwork/16 -j ACCEPT where my network
>> is defined in /etc/hosts) ...so this type of syntax is a known quantity and
>> the action is generally understood.
> Ok, so there is at least one program which accepts such syntax.
> However, from the man page I have a feeling the mask was supposed to
> work only with IP addresses.
> [!] -s, --source address[/mask][,...]
> Source specification. Address can be either a network name, a
> hostname, a network IP address (with /mask), or a plain IP
> address. Hostnames will be resolved once only, before the rule
> is submitted to the kernel. Please note that specifying any
> name to be resolved with a remote query such as DNS is a really
> bad idea. The mask can be either an ipv4 network mask (for ipt‐
To unsubscribe email chrony-users-requ...@chrony.tuxfamily.org
with "unsubscribe" in the subject.
For help email chrony-users-requ...@chrony.tuxfamily.org
with "help" in the subject.
Trouble? Email listmas...@chrony.tuxfamily.org.