Re: Blocking sub-range of IP addresses

2003-03-12 Thread Guillaume Avez (Administrateur Systèmes)
It would be useful to have something that would take an IP address range and return the minimum coverage CIDR for that block (for use in feeding to iptables).
For those addicted to command line (gipsc needs gnome), try netmask:
#netmask -c 192.168.10.224:192.168.10.255
192.168.10.224/27

Re: Blocking sub-range of IP addresses

2003-03-12 Thread Karl Hammar
It would be useful to have something that would take an IP address range and return the minimum coverage CIDR for that block (for use in feeding to iptables). For example, if I want to allow access for hosts 1.2.3.1 - 1.2.3.4, I currently can allow them individually or just allow the

Re: Blocking sub-range of IP addresses

2003-03-12 Thread Josh Carroll
Actually, the previous post's usage of netmask would probably do the trick:
[EMAIL PROTECTED]:~$ netmask -c 1.2.3.1:1.2.3.4
1.2.3.1/32
1.2.3.2/31
1.2.3.4/32
so, e.g.:
for hostmask in `netmask -c 1.2.3.1:1.2.3.4`; do iptables -A INPUT -s $hostmask -d `ifconfig eth0 | grep

Re: Blocking sub-range of IP addresses

2003-03-11 Thread andrew lattis
On 2003/03/11 02:12:12PM -0600, Tue, Bill wrote: Hello Debian, I want to block all ip's ending in 224 to 255 but not 220 and others searching the net I found I need to add /27 to end of the ip. I understand /8 /16 /24 /32 somewhat but... My question: what makes /27 significant

Re: Blocking sub-range of IP addresses

2003-03-11 Thread Douglas Blood
http://www.ralphb.net/IPSubnet/class_a.html That is a page I use whenever I need to do anything with subnets. It explains that the /27 subnet has 30 hosts. So if you only wanted to block hosts X.Y.Z.23 - X.Y.Z.55 I would do everything under 64.. otherwise you get into defining multiple subnets so

Re: Blocking sub-range of IP addresses

2003-03-11 Thread Markus Schabel
Bill wrote:
Hello Debian, I want to block all ip's ending in 224 to 255 but not 220 and others searching the net I found I need to add /27 to end of the ip. I understand /8 /16 /24 /32 somewhat but...
My question: what makes /27 significant
X.Y.Z.224 - X.Y.Z.255
deny from 63.148.99.224/27

RE: Blocking sub-range of IP addresses

2003-03-11 Thread MacLeod, Alastair
Hi
Consider each octet of an IP address in turn.
Octet:- 256-(2^n(4)).256-(2^n(3)).256-(2^n(2)).256-(2^n(1))
start with n(1), then n(2) and through to n(4).
where 0<=n(x)<=8 and x=1;x<=4;x++
and where x increments n(x-1)==8 always.
and to get the prefix length /mm =32 - (sum n(x))
Alastair

Re: Blocking sub-range of IP addresses

2003-03-11 Thread Nikolai Lusan
On Tue, 11 Mar 2003, Bill wrote:
I want to block all ip's ending in 224 to 255 but not 220 and others searching the net I found I need to add /27 to end of the ip. I understand /8 /16 /24 /32 somewhat but...
All the numbers after a / define a subnet. For example a /24 subnet contains 256

Re: Blocking sub-range of IP addresses

2003-03-11 Thread Shawn Wallbridge
This is an excellent guide to understanding IP addresses.
http://www.3com.com/other/pdfs/infra/corpinfo/en_US/501302.pdf
shawn
Hello Debian, I want to block all ip's ending in 224 to 255 but not 220 and others searching the net I found I need to add /27 to end of the ip. I understand

Re: Blocking sub-range of IP addresses

2003-03-11 Thread Bill
Thanks ian, Your pointer turned out to be most valuable. If anyone else wants to know I found this table most helpful.
google search result on: howto CIDR range
http://www.obfuscation.org/techs/cidr-conversion-table.html
On March 11, 2003 03:51 pm, you wrote:
Bill, just a tip, but

Re: Blocking sub-range of IP addresses

2003-03-11 Thread Frank Peters
Bill wrote:
I want to block all ip's ending in 224 to 255 but not 220 and others searching the net I found I need to add /27 to end of the ip. I understand /8 /16 /24 /32 somewhat but...
Netmasks work using a binary logical AND operation. A few years ago, you would be using something like

Re: Blocking sub-range of IP addresses

2003-03-11 Thread Josh Carroll
It would be useful to have something that would take an IP address range and return the minimum coverage CIDR for that block (for use in feeding to iptables). For example, if I want to allow access for hosts 1.2.3.1 - 1.2.3.4, I currently can allow them individually or just allow the entire /24.
