Hi Bobb
Thank you for replay.
BUT …
Its my fault 🙁
the 172.16.0.0/16 INCLUDEs the 172.16.0.0/24 network, which is unacceptable in my situation(May be I mast do not use this network, but for the moments in this network there is application servers)
What is I need (If someone is familiar with Winroute)
Address Definitions:
Net1 – 172.16.1.0/24
Net2 – 172.16.2.0/24
……
Net12 – 172.16.12.0/24
All_IP_Nets
+Net1
+Net2
…..
+Net12
And the rule is like:
src | dst |Service | Action
All_IP_Nets |All_IP_nets| Any | DROP/REJECT
In iptables documentation there is option to use address groups, or alliases, or.. for source and destination, but what is the syntax, I cannot find nowhere such examples.
Thanks to all