Hi,
(removed netfilter-devel from the headers, this is not a development Q)
Netfilter supports arbitrary netmasks for IP addresses which is more
powerful than just those IP/x (0 = x = 32) expressions.
For example one could use IP/255.0.255.255 (IP/23.13.42.0 would also work ;-).
Are masks
On Tuesday 28 May 2002 15:18, Thomas Heinz wrote:
Netfilter supports arbitrary netmasks for IP addresses which is
more powerful than just those IP/x (0 = x = 32) expressions.
For example one could use IP/255.0.255.255 (IP/23.13.42.0 would
also work ;-).
Yes, this is the fastest method when
I've always wondered about the concept of useing wierd netmasks on private
internal networks, just to thourouly confuse anyone who actually breaks
into them (obsurity isn't security by itself, but any little bit you can
add on and anything you can do that will break standard tools)
never
On Tue, 28 May 2002, Stephen Frost wrote:
* Thomas Heinz ([EMAIL PROTECTED]) wrote:
Netfilter supports arbitrary netmasks for IP addresses which is more
powerful than just those IP/x (0 = x = 32) expressions.
For example one could use IP/255.0.255.255 (IP/23.13.42.0 would also work
Hi Joost
You wrote:
But something like IP/255.255.255.192 is still valid and is probably used
quite a lot. At least i use it. It's easy to use a $NETMASK variable in
scripts for this.
IP/255.255.255.192 == IP/26
Thomas
sized classes.
At 15:18 28-05-2002 +0200, Thomas Heinz wrote:
Hi
Netfilter supports arbitrary netmasks for IP addresses which is more
powerful than just those IP/x (0 = x = 32) expressions.
For example one could use IP/255.0.255.255 (IP/23.13.42.0 would also work ;-).
Are masks that cannot
Which is not generally a valid thing to assume.. the .255 and/or .0
address may be in use on larger networks, especially if addresses are
assigned dynamically using a large DHCP scope..
On Tuesday 28 May 2002 16:07, Filipe Almeida wrote:
I usually use:
iptables -A FORWARD -s
True.
I attach interface (-i/-o) matches so I will only filter my networks. I
wrote those lines of the top of my head so I forgot the -i/-o.
At 20:45 28-05-2002 +0200, Henrik Nordstrom wrote:
Which is not generally a valid thing to assume.. the .255 and/or .0
address may be in use on larger
True.
I attach interface (-i/-o) matches so I will only filter my networks. I
wrote those lines of the top of my head so I forgot the -i/-o.
At 20:45 28-05-2002 +0200, Henrik Nordstrom wrote:
Which is not generally a valid thing to assume.. the .255 and/or .0
address may be in use on larger
Hi
Netfilter supports arbitrary netmasks for IP addresses which is more
powerful than just those IP/x (0 = x = 32) expressions.
For example one could use IP/255.0.255.255 (IP/23.13.42.0 would also work ;-).
Are masks that cannot be expressed in the IP/x schmeme (at least not in one
rule) used
* Thomas Heinz ([EMAIL PROTECTED]) wrote:
Netfilter supports arbitrary netmasks for IP addresses which is more
powerful than just those IP/x (0 = x = 32) expressions.
For example one could use IP/255.0.255.255 (IP/23.13.42.0 would also work
;-).
Are masks that cannot be expressed
On Tue, 28 May 2002, Stephen Frost wrote:
* Thomas Heinz ([EMAIL PROTECTED]) wrote:
Netfilter supports arbitrary netmasks for IP addresses which is more
powerful than just those IP/x (0 = x = 32) expressions.
For example one could use IP/255.0.255.255 (IP/23.13.42.0 would also work
Hi Joost
You wrote:
But something like IP/255.255.255.192 is still valid and is probably used
quite a lot. At least i use it. It's easy to use a $NETMASK variable in
scripts for this.
IP/255.255.255.192 == IP/26
Thomas
Hi
Netfilter supports arbitrary netmasks for IP addresses which is more
powerful than just those IP/x (0 = x = 32) expressions.
For example one could use IP/255.0.255.255 (IP/23.13.42.0 would also work ;-).
Are masks that cannot be expressed in the IP/x schmeme (at least not in one
rule) used
* Thomas Heinz ([EMAIL PROTECTED]) wrote:
Netfilter supports arbitrary netmasks for IP addresses which is more
powerful than just those IP/x (0 = x = 32) expressions.
For example one could use IP/255.0.255.255 (IP/23.13.42.0 would also work
;-).
Are masks that cannot be expressed
On Tue, 28 May 2002, Thomas Heinz wrote:
Hi
Netfilter supports arbitrary netmasks for IP addresses which is more
powerful than just those IP/x (0 = x = 32) expressions.
For example one could use IP/255.0.255.255 (IP/23.13.42.0 would also work ;-).
Are masks that cannot be expressed
* Joost Remijn ([EMAIL PROTECTED]) wrote:
On Tue, 28 May 2002, Stephen Frost wrote:
* Thomas Heinz ([EMAIL PROTECTED]) wrote:
Netfilter supports arbitrary netmasks for IP addresses which is more
powerful than just those IP/x (0 = x = 32) expressions.
For example one could use IP
Hi Joost
You wrote:
But something like IP/255.255.255.192 is still valid and is probably used
quite a lot. At least i use it. It's easy to use a $NETMASK variable in
scripts for this.
IP/255.255.255.192 == IP/26
Thomas
.
On Tuesday 28 May 2002 11:06 pm, Erik C Elmshauser wrote:
Hi, this is my first post to the list.
I agree with Stephen, these netmasks are (as far as I can tell)
meaningless. Because of the way that you compute network addresses by
comparing a mask to an address the 255.255.0.128 mask just
19 matches
Mail list logo