On (2010-12-09 23:59 +0200), Saku Ytti wrote: Ugh.
> The missing bits are never/rarely going to lead to expected behaviour. > Anything > more specific than /88 should just be used. /just not/ > deny tcp F00F::C7C9:0/120 eq www host 2001:DB8::1 eq 42 sequence 30 > deny tcp 50:F00F::C9:0/104(eui) eq www host 2A:2001:DB8::1(eui) > eq 42 > > Especially observe how the sequence 20 becomes completely different rule in /sequence 30/ -- ++ytti _______________________________________________ cisco-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
