
what does -d 0/0 mean?


I came across a rule:

iptables -A INPUT -p tcp -s 17.3.3.5/24 -d 0/0 --dport 22 -j DROP

and I was just wondering if someone could explain what this rule is doing. More importantly, I would like to know what the

-d 0/0

part means, in the whole rule (I know it's the destination specification, so the 0/0 part should be an IP address, but why is it 0/0?).

I'm speculating that the rule is dropping that one source address when it arrives at destination port 22, but I'm not sure.

If someone could explain, that would be great.

Couldn't find an answer when searching the interwebs :C


Solution

  • Just like -s 17.3.3.5/24 means any source within the CIDR block 17.3.3.5/24, -d 0/0 means any destination within the CIDR block 0.0.0.0/0. Since there are no bits in the network number, every address is inside this network. So it means any destination at all.
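As an added illustration (not part of the question or the answer above): a small Python dry-run of the rule's matching logic. It parses -s/-d arguments the way iptables does (missing octets padded with zeros, so "0/0" is 0.0.0.0/0, and host bits masked off, so 17.3.3.5/24 becomes 17.3.3.0/24) and then shows that -d 0/0 matches every destination while the /24 restricts the source. Packet, Rule and verdict are helper names chosen for this example.

```python
"""Dry-run evaluator for: iptables -A INPUT -p tcp -s 17.3.3.5/24 -d 0/0 --dport 22 -j DROP"""
import ipaddress
from dataclasses import dataclass


def parse_addr_spec(spec: str) -> ipaddress.IPv4Network:
    """Turn an iptables -s/-d argument into an IPv4Network.

    iptables autocompletes short addresses with zero octets ("0" -> 0.0.0.0,
    "10.1" -> 10.1.0.0) and masks away host bits ("17.3.3.5/24" -> 17.3.3.0/24).
    The mask may be a prefix length or a dotted netmask; no mask means /32.
    """
    addr, _, mask = spec.partition("/")
    octets = addr.split(".")
    if not 1 <= len(octets) <= 4 or not all(o.isdigit() for o in octets):
        raise ValueError(f"bad address {addr!r}")
    octets += ["0"] * (4 - len(octets))          # zero-pad like iptables
    return ipaddress.ip_network(f"{'.'.join(octets)}/{mask or 32}", strict=False)


@dataclass
class Packet:
    src: str      # constructed sample values are used in the tests below
    dst: str
    proto: str
    dport: int


@dataclass
class Rule:
    proto: str
    src: ipaddress.IPv4Network
    dst: ipaddress.IPv4Network
    dport: int
    target: str

    def matches(self, pkt: Packet) -> bool:
        return (pkt.proto == self.proto
                and ipaddress.ip_address(pkt.src) in self.src
                and ipaddress.ip_address(pkt.dst) in self.dst
                and pkt.dport == self.dport)


# The rule from the question: source 17.3.3.0/24, any destination, tcp/22 -> DROP
RULE = Rule("tcp", parse_addr_spec("17.3.3.5/24"), parse_addr_spec("0/0"), 22, "DROP")


def verdict(pkt: Packet, rules=(RULE,), policy="ACCEPT") -> str:
    """First matching rule wins, as in an iptables chain; otherwise the chain policy."""
    for rule in rules:
        if rule.matches(pkt):
            return rule.target
    return policy
```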