ok, I got most of the basics down.
when i want to deny an ip or all of an ip block (last numbers only) I can do:
iptables -A INPUT -s xxx.yyy.zzz.0/24 -j DROP
and it takes care of the entire ip block.

However, I want to block entire ranges hwere I have XX.YY.0.0 between 
xx.yy.0.0 and xx.yy.255.255. whats the netmask notation for this?

also, whats the notation if I want to block a partial range on the last 
digets (llike xxx.yyy.zzz.aaa-bbb where aaa= low end and bbb= high end)?

some thinsg are just not explained in the iptables howto

here are the addresses I really wish to block:

65.218.172.208-223
63.99.64.64-127
65.192.*
65.118.41.192-223
63.148.99.224-255
63.64.*
209.244.*

I have been seeing a lot of strange activity from these ranges of late and 
have discovered that they belong to:
1. RIAA
2. cyveillance
3. warner music
4 BayTSP
5. IRMA

most of the "strange activities" have been related to attempted breakins 
(hacking/cracking), DoS, and other such nonsense. given stories of late in /. 
and a few of the more mainstream news sources, it looks like the RIAA and 
associates are looking for people who are sharing or running servers (I will 
admit to neither at this time) and they aren't caring if they are violating 
current laws or not in their pursuit of "revenue stream protection"

if someone would be so kind as to help me figure out the netmask notations on 
the above, I would greatly appreciate it.

Thanks

Technomage

-- 
I will not be pushed, filed, stamped, indexed, briefed, debriefed, or 
numbered!
My life is my own - No. 6