fwbuilder 3.0.7 and iptables 1.4.2-rc1


fwbuilder 3.0.7 and iptables 1.4.2-rc1

by Stan Gammons

Is iptables 1.4.2-rc1 on opensuse 11.1 broken or do I have something
configured wrong?

Fwbuilder 3.0.7 produced the following for a rule I setup and below is
what the command iptables -L indicates. Why is the source address
missing?

$IPTABLES -N In_RULE_23
$IPTABLES -A INPUT  -i eth0  -p tcp -m tcp  -s 209.225.8.224/0   --dport 143  -j In_RULE_23
$IPTABLES -A FORWARD  -i eth0  -p tcp -m tcp  -s 209.225.8.224/0 --dport 143  -j In_RULE_23
$IPTABLES -A In_RULE_23  -m limit --limit 2/second -j LOG  --log-level warning --log-prefix "fp=mail:23"
$IPTABLES -A In_RULE_23  -j ACCEPT
#


-A INPUT -i eth0 -p tcp -m tcp --dport 143 -j In_RULE_23
-A FORWARD -i eth0 -p tcp -m tcp --dport 143 -j In_RULE_23
-A In_RULE_23 -m limit --limit 2/sec -j LOG --log-prefix "fp=mail:23"
-A In_RULE_23 -j ACCEPT


Thanks.

Stan



_______________________________________________
Fwbuilder-discussion mailing list
Fwbuilder-discussion@...
https://lists.sourceforge.net/lists/listinfo/fwbuilder-discussion

Re: fwbuilder 3.0.7 and iptables 1.4.2-rc1

by Vadim Kurland


On Sep 27, 2009, at 1:41 PM, Stan Gammons wrote:

> Is iptables 1.4.2-rc1 on opensuse 11.1 broken or do I have something
> configured wrong?
>
> Fwbuilder 3.0.7 produced the following for a rule I setup and below is
> what the command iptables -L indicates. Why is the source address
> missing?
>
> $IPTABLES -N In_RULE_23
> $IPTABLES -A INPUT  -i eth0  -p tcp -m tcp  -s 209.225.8.224/0   --dport 143  -j In_RULE_23
> $IPTABLES -A FORWARD  -i eth0  -p tcp -m tcp  -s 209.225.8.224/0 --dport 143  -j In_RULE_23
> $IPTABLES -A In_RULE_23  -m limit --limit 2/second -j LOG  --log-level warning --log-prefix "fp=mail:23"
> $IPTABLES -A In_RULE_23  -j ACCEPT
> #
>
>
> -A INPUT -i eth0 -p tcp -m tcp --dport 143 -j In_RULE_23
> -A FORWARD -i eth0 -p tcp -m tcp --dport 143 -j In_RULE_23
> -A In_RULE_23 -m limit --limit 2/sec -j LOG --log-prefix "fp=mail:23"
> -A In_RULE_23 -j ACCEPT


This looks strange. Were there any errors when you activated the new
policy?

--vk



Re: fwbuilder 3.0.7 and iptables 1.4.2-rc1

by Stan Gammons

On Sun, 2009-09-27 at 19:56 -0300, Henrique de Moraes Holschuh wrote:
> Look at the netmask.  iptables is quite smart enough to reduce 209.225.8.224/0
> to 0/0, and 0/0 means any, which means it will not be displayed.

After a second look, I figured out it was because of the subnet mask.

> Now, why the netmask is /0 is the real question...

Operator error. Sort of. I used the network object rather than the
address object. The network object let me enter an IP address and it set
the subnet mask at 0.0.0.0.

I think Vadim is going to look at adding some sort of check to prevent
this from happening. Good idea, just in case someone else has a duh huh
moment...


Stan
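
The kind of check mentioned in the last message, as an added example that is not part of the thread or of fwbuilder's own code: a Python pass over a generated script that flags -s/-d operands whose mask discards address bits, the case where 209.225.8.224/0 silently becomes 0/0 (any). The function names and the sample script (the thread's rules plus one constructed /32 rule) are assumptions.

```python
import ipaddress
import re

# Constructed sample: the generated rules quoted in the thread, plus one
# well-formed host rule for contrast (192.0.2.10 is a documentation address).
SAMPLE_SCRIPT = """\
$IPTABLES -N In_RULE_23
$IPTABLES -A INPUT  -i eth0  -p tcp -m tcp  -s 209.225.8.224/0   --dport 143  -j In_RULE_23
$IPTABLES -A FORWARD  -i eth0  -p tcp -m tcp  -s 209.225.8.224/0 --dport 143  -j In_RULE_23
$IPTABLES -A INPUT  -i eth0  -p tcp -m tcp  -s 192.0.2.10/32 --dport 22  -j ACCEPT
$IPTABLES -A In_RULE_23  -j ACCEPT
"""

# -s/--source or -d/--destination, optional "!", then an IPv4 address and mask.
ADDR_OPT = re.compile(
    r"(?<!\S)(-s|--source|-d|--destination)\s+(!\s+)?(\d+\.\d+\.\d+\.\d+(?:/\S+)?)"
)

def audit_rule(line):
    """Return findings for address operands whose mask discards address bits."""
    findings = []
    for opt, _neg, operand in ADDR_OPT.findall(line):
        try:
            iface = ipaddress.ip_interface(operand)
        except ValueError:
            findings.append((opt, operand, None, "unparseable"))
            continue
        effective = iface.network  # what is left after the mask is applied
        if iface.ip != effective.network_address:
            # A /0 mask with a non-zero address means the rule matches any host.
            severity = "matches-any" if effective.prefixlen == 0 else "host-bits-set"
            findings.append((opt, operand, str(effective), severity))
    return findings

def audit_script(text):
    """Audit every line of a generated script; line numbers are 1-based."""
    results = []
    for lineno, line in enumerate(text.splitlines(), 1):
        for finding in audit_rule(line):
            results.append((lineno,) + finding)
    return results

if __name__ == "__main__":
    for lineno, opt, operand, effective, severity in audit_script(SAMPLE_SCRIPT):
        print(f"line {lineno}: {opt} {operand} -> effective {effective} [{severity}]")
```

Run against a generated script before activating it, any "matches-any" finding marks a rule that accepts traffic from every source even though an address was entered.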


