Would there be any issue with overlaps between aliases?

Trel · May 21, 2014, 5:46 PM

Assuming all rules would be the same action (only allow, or only block, and not a mix of the two).

If I had aliases that had common IPs or ports, would that cause any problems if I had rules for both?

Such as
Alias 1: ports 1-20
Alias 2: ports 15-25

and then I allow them both.

rjcrowder · May 21, 2014, 5:58 PM

Aliases can be anything… You just need to make sure the way you build rules makes sense based on the fact that they are executed in order and processing stops when the first rule evaluates as true.

Trel · May 21, 2014, 7:31 PM

@rjcrowder:

Aliases can be anything… You just need to make sure the way you build rules makes sense based on the fact that they are executed in order and processing stops when the first rule evaluates as true.

Yep, I wasn't worried about the order just if there'd be any issues with having the same port/ip/etc in two different aliases.
All of these are to be used for allow rules.

jimp · May 27, 2014, 4:33 PM

That won't matter. You can have completely identical aliases with different names if you want. The rules only see the aliases on the individual rules, so oversimplify it a bit: A rule only knows about the items in the alias used on that rule.