On Wed, 31 Jan 2001, Dave Laird wrote:
> So, wanting to block an entire network block of 62.253, which is
> 62.253.0.0-62.253.255.255 (if I am asking the question incorrectly,
> please correct me) then I would do this:
>
> ipchains -A input -j REJECT -p all -l -s 62.253.0.0/24
>
> Is this not correct? What would work as I described, if this is the
> improper notation?
No, the /24 only gives you a 24-bit mask (class C network), which would
only block 63.253.0.0-63.253.0.255. To block the entire class B network
62.253.0.0, you need a /16 mask -- 62.253.0.0/16
-Ray
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Ray DeJean http://www.r-a-y.org
Systems Administrator Southeastern Louisiana University
IBM Certified Specialist AIX Administration, AIX Support
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
