Re: [sane-devel] need network syntax for saned.conf
On 11/26/2017 12:39 AM, ToddAndMargo wrote: Which was my complaint with "192.168.2.12/29" which only refers to one IP address, not all the IPs in its mask (not the block). okay, I am not making any sense here. What I was complaining about was 192.168.2.14, not .12, which is correct. I am looking around trying to find where I saw .14. -- sane-devel mailing list: sane-devel@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/sane-devel Unsubscribe: Send mail with subject "unsubscribe your_password" to sane-devel-requ...@lists.alioth.debian.org
Re: [sane-devel] need network syntax for saned.conf
On 11/26/2017 12:39 AM, ToddAndMargo wrote: I have to go and find where I got the misunderstanding. One of the pains-in-the -neck of RHEL is that EVERYTHING is deliberately out-of-date. Man pages are often wrong. Not finding it so far, but I did find the example in /etc/sane.d/saned.config #192.168.0.1 #192.168.0.1/29 That should be 192.168.0.0/29, not 1/29 Maybe I was on an outdated man page? -- sane-devel mailing list: sane-devel@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/sane-devel Unsubscribe: Send mail with subject "unsubscribe your_password" to sane-devel-requ...@lists.alioth.debian.org
Re: [sane-devel] need network syntax for saned.conf
On 11/25/2017 09:48 PM, Olaf Meeuwissen wrote: Hi, ToddAndMargo writes: Le samedi 25 novembre 2017, 01:38:56 ToddAndMargo a écrit : Hi All, In saned.conf, what is the proper syntax to allow all IP from a particular network: 192.168.100.0/24 and what is the syntax allow a range of networks: 192.168.100.0/24 through 192.168.105.0/24 Many thanks, -T On 11/25/2017 02:05 AM, e.m...@orange.fr wrote: > Hello Sir, > > I'm not a specialist of sane but my search engine with "man saned.conf" gave > me the following page > https://linux.die.net/man/8/saned > where I see an example > # Access list > scan-client.somedomain.firm > # this is a comment > 192.168.0.1 > 192.168.2.12/29 > [::1] > [2001:7a8:185e::42:12]/64 > > Is it clear enough? > > Have a nice Saturday > > Regards Actually no. I had found that portion, but got frustrated with them calling "hostnames" as "IP addresses". Not the same thing. Hostname is before the IP address is resolved. You're right that host names and IP addresses are not the same thing, but the saned manual page says: The access list is a list of host names, IP addresses or IP subnets (CIDR notation) It doesn't say they are the same thing. It just says that you can use whatever combination of these three is most convenient for you. I have to go and find where I got the misunderstanding. One of the pains-in-the -neck of RHEL is that EVERYTHING is deliberately out-of-date. Man pages are often wrong. And "192.168.2.12/29" which only gives you a single IP address with its subnet mask. Using that would allow access from all eight IPv4 addresses that have the same 29 initial bits as 192.168.2.12. Please note that the CIDR notation was introduced exactly to allow addressing on arbitrary bit boundaries. See https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing From the above link: For example: 192.168.100.14/24 represents the IPv4 address 192.168.100.14 and its associated routing prefix 192.168.100.0, or equivalently, its subnet mask 255.255.255.0, which has 24 leading 1-bits. the IPv4 block 192.168.100.0/22 represents the 1024 IPv4 addresses from 192.168.100.0 to 192.168.103.255. Which was my complaint with "192.168.2.12/29" which only refers to one IP address, not all the IPs in its mask (not the block). If you wanted everyone in 29's mask (the block), it would have been written as 29's broadcast address, not a member of the mask: 192.168.100.12/29 meaning 192.168.100.12 to 15 The above line shows that you do not need the subnet mask. xxx.xxx.xxx.0/24 tells you all the IP's from xxx.xxx.xxx.1 to 255 Can I get away with 192.168.222.0/23? That would be 192.168.222 to 223. 1 to 255 Yes. Hope this helps, Yes it does! Thank you! Are you able to look at my error log over on "[sane-devel] where is my socket error?" This dog (PDF Studio) don't hunt (read saned)! -- sane-devel mailing list: sane-devel@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/sane-devel Unsubscribe: Send mail with subject "unsubscribe your_password" to sane-devel-requ...@lists.alioth.debian.org
Re: [sane-devel] need network syntax for saned.conf
Hi, ToddAndMargo writes: >> >> Le samedi 25 novembre 2017, 01:38:56 ToddAndMargo a écrit : >>> Hi All, >>> >>> In saned.conf, >>> >>> what is the proper syntax to allow all IP from a particular network: >>> >>> 192.168.100.0/24 >>> >>> and what is the syntax allow a range of networks: >>> >>> 192.168.100.0/24 through 192.168.105.0/24 >>> >>> >>> Many thanks, >>> -T >> > > On 11/25/2017 02:05 AM, e.m...@orange.fr wrote: > > Hello Sir, > > > > I'm not a specialist of sane but my search engine with "man > saned.conf" gave > > me the following page > > https://linux.die.net/man/8/saned > > where I see an example > ># Access list > >scan-client.somedomain.firm > ># this is a comment > >192.168.0.1 > >192.168.2.12/29 > >[::1] > >[2001:7a8:185e::42:12]/64 > > > > Is it clear enough? > > > > Have a nice Saturday > > > > Regards > > > Actually no. > > I had found that portion, but got frustrated with them > calling "hostnames" as "IP addresses". Not the same > thing. Hostname is before the IP address is resolved. You're right that host names and IP addresses are not the same thing, but the saned manual page says: The access list is a list of host names, IP addresses or IP subnets (CIDR notation) It doesn't say they are the same thing. It just says that you can use whatever combination of these three is most convenient for you. > And "192.168.2.12/29" which only gives you a single IP > address with its subnet mask. Using that would allow access from all eight IPv4 addresses that have the same 29 initial bits as 192.168.2.12. Please note that the CIDR notation was introduced exactly to allow addressing on arbitrary bit boundaries. See https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing > The above line shows that > you do not need the subnet mask. xxx.xxx.xxx.0/24 > tells you all the IP's from xxx.xxx.xxx.1 to 255 > > Can I get away with 192.168.222.0/23? That would > be 192.168.222 to 223. 1 to 255 Yes. Hope this helps, -- Olaf Meeuwissen, LPIC-2FSF Associate Member since 2004-01-27 GnuPG key: F84A2DD9/B3C0 2F47 EA19 64F4 9F13 F43E B8A4 A88A F84A 2DD9 Support Free Softwarehttps://my.fsf.org/donate Join the Free Software Foundation https://my.fsf.org/join -- sane-devel mailing list: sane-devel@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/sane-devel Unsubscribe: Send mail with subject "unsubscribe your_password" to sane-devel-requ...@lists.alioth.debian.org
Re: [sane-devel] need network syntax for saned.conf
Le samedi 25 novembre 2017, 01:38:56 ToddAndMargo a écrit : Hi All, In saned.conf, what is the proper syntax to allow all IP from a particular network: 192.168.100.0/24 and what is the syntax allow a range of networks: 192.168.100.0/24 through 192.168.105.0/24 Many thanks, -T On 11/25/2017 02:05 AM, e.m...@orange.fr wrote: > Hello Sir, > > I'm not a specialist of sane but my search engine with "man saned.conf" gave > me the following page > https://linux.die.net/man/8/saned > where I see an example ># Access list >scan-client.somedomain.firm ># this is a comment >192.168.0.1 >192.168.2.12/29 >[::1] >[2001:7a8:185e::42:12]/64 > > Is it clear enough? > > Have a nice Saturday > > Regards Actually no. I had found that portion, but got frustrated with them calling "hostnames" as "IP addresses". Not the same thing. Hostname is before the IP address is resolved. And "192.168.2.12/29" which only gives you a single IP address with its subnet mask. The above line shows that you do not need the subnet mask. xxx.xxx.xxx.0/24 tells you all the IP's from xxx.xxx.xxx.1 to 255 Can I get away with 192.168.222.0/23? That would be 192.168.222 to 223. 1 to 255 Thank you for helping anyway. -T -- sane-devel mailing list: sane-devel@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/sane-devel Unsubscribe: Send mail with subject "unsubscribe your_password" to sane-devel-requ...@lists.alioth.debian.org
Re: [sane-devel] need network syntax for saned.conf
Hello Sir, I'm not a specialist of sane but my search engine with "man saned.conf" gave me the following page https://linux.die.net/man/8/saned where I see an example # Access list scan-client.somedomain.firm # this is a comment 192.168.0.1 192.168.2.12/29 [::1] [2001:7a8:185e::42:12]/64 Is it clear enough? Have a nice Saturday Regards Le samedi 25 novembre 2017, 01:38:56 ToddAndMargo a écrit : > Hi All, > > In saned.conf, > > what is the proper syntax to allow all IP from a particular network: > >192.168.100.0/24 > > and what is the syntax allow a range of networks: > >192.168.100.0/24 through 192.168.105.0/24 > > > Many thanks, > -T -- sane-devel mailing list: sane-devel@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/sane-devel Unsubscribe: Send mail with subject "unsubscribe your_password" to sane-devel-requ...@lists.alioth.debian.org
[sane-devel] need network syntax for saned.conf
Hi All, In saned.conf, what is the proper syntax to allow all IP from a particular network: 192.168.100.0/24 and what is the syntax allow a range of networks: 192.168.100.0/24 through 192.168.105.0/24 Many thanks, -T -- sane-devel mailing list: sane-devel@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/sane-devel Unsubscribe: Send mail with subject "unsubscribe your_password" to sane-devel-requ...@lists.alioth.debian.org