On Fri, 2014-10-31 at 01:25 +1100, Steve Walsh wrote: > On 10/31/2014 01:20 AM, Always Learning wrote: > > -R 4web 5 -p tcp --dport 888 -s 192.168.2.1/23 -j ACCEPT > That will only work if you want to permit from source addresses in the > 192.168.2.1 and 192.168.3.1 netblocks. I think you want a -s 192.168.1.1/23 That was merely an idle example. > <anecdote> > When I was first starting out in IT, I was transitioning from Comms > Engineering, where I was mentored by one of the guy who helped build the > PSTN telephone network in AU. The two things he hammered home to me where; > > * Always check the lines you're working on, and then checking the > numbers again. > > and > > * Always know how to use a different set of tools, because your > preferred one may not be available when you need it the most. > </anecdote> Agree about getting it correct the first time, because corrections can be time consuming burdens. The more one knows technically, the easier it is to devise an alternative solution. -- Regards, Paul. England, EU.