[SR-Users] [permissions] 'address' table and mask priorirty

Juha Heinanen jh at tutpro.com
Wed Apr 28 19:13:20 CEST 2010


Iñaki Baz Castillo writes:

 > However after checking the module code it seems that there are just
 > two cases: 
 > - IP addresses (mask = 32).
 > - Subnets (mask != 32).
 > 
 > So first the source address is always matched against he address hash,
 > and if it doesn't match then it is matched against the subnet hash,
 > but in this last case it is not taken into account any kind of
 > priority based on mask value, am I right?

yes, if address does not match exactly, the any address/mask that
matches results in success.

-- juha
 




More information about the sr-users mailing list