need some small help with iptables
der.hans
plug-discuss@lists.plug.phoenix.az.us
Thu, 22 Aug 2002 09:40:36 -0700 (MST)
Am 22. Aug, 2002 schwätzte technomage so:
> ok, I got most of the basics down.
> when i want to deny an ip or all of an ip block (last numbers only) I can do:
> iptables -A INPUT -s xxx.yyy.zzz.0/24 -j DROP
> and it takes care of the entire ip block.
>
> However, I want to block entire ranges hwere I have XX.YY.0.0 between
> xx.yy.0.0 and xx.yy.255.255. whats the netmask notation for this?
That's a slash-16, e.g. xx.yy.0.0/16.
Look for an explanation on using CIDR addresses. There should be several
explanations in HOWTOs on the LDP. Any book on networking published in the
last 5 years should also have info.
ciao,
der.hans
--
# https://www.LuftHans.com/
# "Science is like sex: sometimes something useful comes out, but
# that is not the reason we are doing it." -- Richard Feynman