Iptables seens doesn't understand network address not in class A, B or C

Iptables seens doesn't understand network address not in class A, B or C

[caricand.jean-michel]

[-- Attachment #1: Type: text/plain, Size: 623 bytes --]

I have a local network with 10.0.2.0 address and 255.255.254.0 netmask. 

My firewall have IP 10.0.2.130 on eth0. 
My station have IP 10.0.2.2.

I configure my firewall for drop the ping from the station with 1 rules :

# iptables -A INPUT -i eth0 -s 10.0.2.2 -p icmp -j DROP 

When I ping the firewall from my station (ping 10.0.2.130) , I receive an response from the serveur 

Why ?

What is the problem ? My netmask ?

If i modify my netmask to 255.0.0.0 on firewall and my station, the ping doesn't work. Normal !

Iptables don't understand network address not in class A, B or C 

HELP ME !!!



[-- Attachment #2: Type: text/html, Size: 1418 bytes --]

Re: Iptables seens doesn't understand network address not in class A, B or C

[Antony Stone]

On Tuesday 09 July 2002 6:03 am, caricand.jean-michel wrote:

> I have a local network with 10.0.2.0 address and 255.255.254.0 netmask.
>
> My firewall have IP 10.0.2.130 on eth0.
> My station have IP 10.0.2.2.
>
> I configure my firewall for drop the ping from the station with 1 rules :
>
> # iptables -A INPUT -i eth0 -s 10.0.2.2 -p icmp -j DROP
>
> When I ping the firewall from my station (ping 10.0.2.130) , I receive an
> response from the serveur
>
> Why ?
>
> What is the problem ? My netmask ?

No; netfilter can handle any netmask you like - even very strange ones.

What is the routing table on:
a) your firewall
b) machine 10.0.2.2

 

Antony