From: Grant Taylor <gtaylor@riverviewtech.net>
To: Mail List - Netfilter <netfilter@vger.kernel.org>
Subject: Re: ipset returns "Zero valued IP address" when trying to add '0.0.0.0/7'
Date: Wed, 12 Nov 2008 00:23:04 -0600 [thread overview]
Message-ID: <491A7648.6000703@riverviewtech.net> (raw)
In-Reply-To: <7259d7020811112155j5315d0e0ke9bc7576e927ad76@mail.gmail.com>
On 11/11/2008 11:55 PM, JC Janos wrote:
> I'm using IPSET to create a nethash typed set to contain a short list
> of "bogons" as defined @
> http://www.team-cymru.org/Services/Bogons/#http for eventual use in a
> firewall rule.
>
> But for one of those defined nets, ipset fails to add,
>
> ipset -N BOGONS nethash
> ipset -A BOGONS 0.0.0.0/7
> ipset v2.4.3: Zero valued IP address `0.0.0.0' specified
> Try `ipset -H' or 'ipset --help' for more information.
>
> I can certainly use the "0.0.0.0/7" in a rule. How can I correctly
> add it to an ipset?
It sounds like ipset does not like the fact that you are using an IP
address that is all zeros. You may have to add something like the
following:
ipset -A BOGONS 1.0.0.0/7
ipset -A BOGONS 2.0.0.0/7
ipset -A BOGONS 4.0.0.0/7
ipset -A BOGONS 6.0.0.0/7
ipset -A BOGONS 8.0.0.0/7
ipset -A BOGONS 10.0.0.0/7
...
You probably will not be able to start the zero (0.0.0.0/7) network with
a zero for the same reason you are running in to your problem. However
a 1.0.0.0 is with in the zero network with a netmask of /7. The rest of
the networks will probably add ok.
Also, are you sure you meant to enter a netmask of /7 and not /8?
Grant. . . .
next prev parent reply other threads:[~2008-11-12 6:23 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-11-12 5:55 ipset returns "Zero valued IP address" when trying to add '0.0.0.0/7' JC Janos
2008-11-12 6:23 ` Grant Taylor [this message]
2008-11-12 7:43 ` Jozsef Kadlecsik
2008-11-12 14:15 ` JC Janos
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=491A7648.6000703@riverviewtech.net \
--to=gtaylor@riverviewtech.net \
--cc=netfilter@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.