Number of significant network bits.
Netmasks are 4 octets, each of 8 bits, creating decimal numbers 0-255.
A netmask of 255.255.255.0, for example, is binary:
11111111.11111111.11111111.00000000
When you count the 1s, you get 24 -- ergo the /24.
In a subnet mask, the 1's represent a designation that a bit is a "network
bit", and the 0's are "host bits". In terms of your allow and deny rules,
any host which has "matching" bits for each subnet "network"
bit will be considered a match. Host bits are ignored.
(i.e., in the case of the mask above, the /24, the first 24 bits of the
origin address must match the first 24 bits of your "allowed" address. The
rest is ignored.)
Obviously, then, /32 is all ones -- meaning a match only occurs when the
IPs are an exact match on every bit.
-Matt
On Sat, 17 Oct 1998, Marc Corel wrote:
> Hi,
> I know I should do:
> ipfwadm -F -p deny
> ipfwadm -F -a m -S 192.168.1.0/24 -D 0.0.0.0/0
> (if I want Internet access to all nodes of my local network address
> 192.168.1.0)..
> But..what does the "24" number mean??
>
> Same question for 2 of my terminals to which I allow internet access:
> ipfwadm -F -a m -S 192.168.1.6/32 -D 0.0.0.0/0
> ipfwadm -F -a m -S 192.168.1.8/32 -D 0.0.0.0/0
> (what is the number 32 ..for??)
>
> Thanks
>
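
The prefix matching described in the reply above, as an added Python example (not part of the original thread and not ipfwadm's own code); the helper names and the test source addresses are constructed for illustration. It goes slightly beyond the message by also converting a dotted netmask to its prefix length and rejecting masks whose 1 bits are not contiguous.

```python
# Added illustration; helper names are hypothetical, not part of ipfwadm.

def ip_to_int(addr):
    """Dotted-quad IPv4 string -> 32-bit integer."""
    octets = addr.split(".")
    if len(octets) != 4 or not all(o.isdecimal() and int(o) <= 255 for o in octets):
        raise ValueError(f"not an IPv4 address: {addr!r}")
    value = 0
    for o in octets:
        value = (value << 8) | int(o)
    return value


def prefix_to_mask(prefix):
    """/24 -> 0xFFFFFF00: 'prefix' one-bits followed by host-bit zeros."""
    if not 0 <= prefix <= 32:
        raise ValueError(f"prefix out of range: {prefix}")
    return (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF


def mask_to_prefix(netmask):
    """Count the 1s in a dotted netmask; reject masks whose 1s are not contiguous."""
    mask = ip_to_int(netmask)
    prefix = bin(mask).count("1")
    if mask != prefix_to_mask(prefix):
        raise ValueError(f"non-contiguous netmask: {netmask}")
    return prefix


def rule_matches(rule, source):
    """True if 'source' agrees with 'rule' (addr/prefix) on every network bit."""
    network, bits = rule.split("/")
    mask = prefix_to_mask(int(bits))
    return (ip_to_int(network) & mask) == (ip_to_int(source) & mask)


if __name__ == "__main__":
    print(mask_to_prefix("255.255.255.0"))  # netmask from the reply
    # Source addresses below are constructed test values.
    for rule, src in [("192.168.1.0/24", "192.168.1.77"),
                      ("192.168.1.0/24", "192.168.2.77"),
                      ("192.168.1.6/32", "192.168.1.7"),
                      ("0.0.0.0/0", "10.9.8.7")]:
        print(rule, src, "match" if rule_matches(rule, src) else "no match")
```
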