On Fri, 2014-10-31 at 01:25 +1100, Steve Walsh wrote:
On 10/31/2014 01:20 AM, Always Learning wrote:
-R 4web 5 -p tcp --dport 888 -s 192.168.2.1/23 -j ACCEPT
That will only work if you want to permit from source addresses in the 192.168.2.1 and 192.168.3.1 netblocks. I think you want a -s 192.168.1.1/23
That was merely an idle example.
<anecdote> When I was first starting out in IT, I was transitioning from Comms Engineering, where I was mentored by one of the guy who helped build the PSTN telephone network in AU. The two things he hammered home to me where;
- Always check the lines you're working on, and then checking the
numbers again.
and
- Always know how to use a different set of tools, because your
preferred one may not be available when you need it the most.
</anecdote>
Agree about getting it correct the first time, because corrections can be time consuming burdens.
The more one knows technically, the easier it is to devise an alternative solution.