Thank you! It almost does. Now I need to think about it for a bit. Or maybe for an octet. 😊
Fred King, MSLS, AHIP Medical Librarian, MedStar Washington Hospital Center fred.k...@medstar.net<mailto:fred.k...@medstar.net> 202-877-6670 ORCID 0000-0001-5266-0279 MedStar Authors Catalog: http://medstarauthors.org I was singing the blues when I was six. Kind of sad, eh? --Harry Dean Staunton From: asakov...@hmcpl.org <asakov...@hmcpl.org> Sent: Thursday, May 28, 2020 1:45 PM To: King, Fred <fred.k...@medstar.net> Cc: Koha <koha@lists.katipo.co.nz> Subject: [EXTERNAL] Re: [Koha] Sort of OT: configuring UFW ** ATTENTION: This email originated from outside the MedStar network. ** DO NOT CLICK links or attachments unless you recognize the sender and know the content is safe. One of the easiest IP network calculators to use on the web that I’ve found is at http://www.subnet-calculator.com/subnet.php?net_class=B<https://urldefense.proofpoint.com/v2/url?u=http-3A__www.subnet-2Dcalculator.com_subnet.php-3Fnet-5Fclass-3DB&d=DwMFaQ&c=RvBXVp2Kc-itN3g6r3sN0QK_zL4whPpndVxj8-bJ04M&r=vKh6XwOmjyC51IkP1OfsdjQZoWT2vpi6VZl8El8EPRI&m=SedjTjhSL5u6Lty5N79OwD0gVFpS6ppqwP7WxBNpWsk&s=iN8Y55IswKkQJrbzfzvaBqF_QQ4s51JZGzdopNzutAM&e=> Put in an IP address, select the right range, and play with the number of bits of masks to see what the resulting groups are that you can get. This form is JS powered, so there’s no submitting and reloading pages to recalculate — it happens as soon as you change a field value. With masks, you’ve got to remember that the ranges you’re working with are based in binary, so multiples of 1, 2, 4, 8, 16, etc are going to work a whole lot easier than 1, 10, or 100 decimal. For example, you first query: 192.168.x.x is easily handled by 192.168.0.0/16. However, things get complex when you start thinking in terms of decimal and try to map that to binary. So while it’s easy for humans to grok your next request: 192.168.22-65.* Thinking in terms of binary, 22 = 16+4+2. Yuck. 192.168.22.0/23 = 191.168.22.1 - 191.168.23.254 192.168.24.0/21 = 191.168.24.1 - 191.168.31.254 192.168.32.0/19 = 191.168.32.1 - 191.168.63.254 192.168.64.0/23 = 191.168.64.1 - 191.168.65.254 Yes, you need all 4 of those masks to fill up the whole range. Using the aforementioned calculator, I started off with your base address (192.168.22.0) and kept shrinking the number of bits in the mask until the resulting range fell outside of your desired results (from 24 down to 23 — once I switched to 22 bits, the 192.168.22 subnet dropped to a 192.168.16 range — too far!) Go ahead and try it — put 192.168.22.0 in the IP Address field, and start reducing the number of Mask Bits from 24, to 23, and then 22, keeping an eye on the Host Address Range results. Next, take the next range up (we ended the first range with 192.168.23, so start at 192.168.24.0) and keep shrinking the mask to increase the range of available hosts until you again go one bit too far and the resulting range falls outside your desired results. Lather, rinse, repeat, until you have all your subnets. Hope this makes sense! Aaron -- Aaron Sakovich Internet and Technology Services Manager Huntsville-Madison County Public Library 915 Monroe Street | Huntsville, Alabama 35801 | https://hmcpl.org/<https://urldefense.proofpoint.com/v2/url?u=https-3A__hmcpl.org_&d=DwMFaQ&c=RvBXVp2Kc-itN3g6r3sN0QK_zL4whPpndVxj8-bJ04M&r=vKh6XwOmjyC51IkP1OfsdjQZoWT2vpi6VZl8El8EPRI&m=SedjTjhSL5u6Lty5N79OwD0gVFpS6ppqwP7WxBNpWsk&s=Ku0W0_cGknrb4EXJyMzE7SVCh_-M1Df8jgyQ2h_u1Sw&e=> On May 28, 2020, at 12:08, King, Fred <fred.k...@medstar.net<mailto:fred.k...@medstar.net>> wrote: My apologies for posting a question that's not exactly Koha-related, though could be. I'm hoping that someone here can explain in a way that a simple medical librarian and part-time Koha geek can understand, or point me to a source that can. Yes, I checked the man page. What I want to do us use UFW (Uncomplicated Firewall) on Ubuntu to allow access to only permitted IP addresses. I can add one IP address without a problem: sudo ufw allow from 192.168.1.115 to any port 80 I think I know how to add a range consisting of anything beginning with 192.168.1.*: sudo ufw allow from 192.168.1.0/24 to any port 80 (Please correct me if I'm wrong.) What I need to do is allow access from the range 192.168.*.* or something like this 192.168.22-65.* or 192.138.187-189.* Any ideas or sources of information? Thanks, --Fred Fred King, MSLS, AHIP Medical Librarian, MedStar Washington Hospital Center fred.k...@medstar.net<mailto:fred.k...@medstar.net><mailto:fred.k...@medstar.net> 202-877-6670 ORCID 0000-0001-5266-0279 MedStar Authors Catalog: http://medstarauthors.org<https://urldefense.proofpoint.com/v2/url?u=http-3A__medstarauthors.org&d=DwMFaQ&c=RvBXVp2Kc-itN3g6r3sN0QK_zL4whPpndVxj8-bJ04M&r=vKh6XwOmjyC51IkP1OfsdjQZoWT2vpi6VZl8El8EPRI&m=SedjTjhSL5u6Lty5N79OwD0gVFpS6ppqwP7WxBNpWsk&s=w2C-iXySXDo0IDFkJEO3GJvfyMoDcTuidzTpCLzlwuM&e=> I was singing the blues when I was six. Kind of sad, eh? --Harry Dean Staunton ---------------------------------------------------------------------- MedStar Health is a not-for-profit, integrated healthcare delivery system, the largest in Maryland and the Washington, D.C., region. Nationally recognized for clinical quality in heart, orthopaedics, cancer and GI. IMPORTANT: This e-mail (including any attachments) may contain information that is private, confidential, or protected by attorney-client or other privilege. If you received this e-mail in error, please delete it from your system without copying it and notify sender by reply e-mail, so that our records can be corrected... Thank you. Help conserve valuable resources - only print this email if necessary. _______________________________________________ Koha mailing list http://koha-community.org<https://urldefense.proofpoint.com/v2/url?u=http-3A__koha-2Dcommunity.org&d=DwMFaQ&c=RvBXVp2Kc-itN3g6r3sN0QK_zL4whPpndVxj8-bJ04M&r=vKh6XwOmjyC51IkP1OfsdjQZoWT2vpi6VZl8El8EPRI&m=SedjTjhSL5u6Lty5N79OwD0gVFpS6ppqwP7WxBNpWsk&s=vi6uZStv4YLORuIkJIdC77c8mVrsmyzgPs2NUYn40xU&e=> Koha@lists.katipo.co.nz<mailto:Koha@lists.katipo.co.nz> Unsubscribe: https://lists.katipo.co.nz/mailman/listinfo/koha<https://urldefense.proofpoint.com/v2/url?u=https-3A__lists.katipo.co.nz_mailman_listinfo_koha&d=DwQFaQ&c=RvBXVp2Kc-itN3g6r3sN0QK_zL4whPpndVxj8-bJ04M&r=vKh6XwOmjyC51IkP1OfsdjQZoWT2vpi6VZl8El8EPRI&m=SedjTjhSL5u6Lty5N79OwD0gVFpS6ppqwP7WxBNpWsk&s=CaEmiYGSdFyzf-BVqAELoVXRgMppqvE1yxjTTZvLOMQ&e=> _______________________________________________ Koha mailing list http://koha-community.org Koha@lists.katipo.co.nz Unsubscribe: https://lists.katipo.co.nz/mailman/listinfo/koha