On Wed, Oct 18, 2000 at 01:31:16PM -0700, [EMAIL PROTECTED] wrote:
> 192.0.0.0/255.0.0.0 falls within the 192.0.0.0-223.255.255.255 "Class C"
> address range which is supposed to use 255.255.255.0 masks, but nobody
> pays much attention to that in real routing anymore. That is, the
> InterNIC will probably not assign you more than 256 addresses in a block
> in that range, but they may assign less and you may elect to subdivide the
> block you get further for your own routing purposes.
>
> By blocking 192.0.0.0/255.0.0.0 you are almost certainly blocking some
> valid public ip addresses, since the class C private addresses are limited
> to 256 networks of 256 hosts each, in the range 192.168.x.y. You probably
> want to deny 192.168.0.0/255.255.255.0.
Untrue. The 255 in 255.0.0.0 locks all 8 bits in the first field,
which means that it *only* applies to addresses in the 192 network.
The range would be 192.0.0.0 - 192.255.255.255, not 223.255.255.255.
Still, using the given mask would still potentially block outside
traffic. But using a filter of 192.168.0.0/255.255.255.0 would
potentially allow internal traffic from legal internal source IPs
(such as 192.168.2.45). Use 192.168.0.0/255.255.0.0.
-MC
>
> ---------------------------------------------------------------------------
> Jeff Newmiller The ..... ..... Go Live...
> DCN:<[EMAIL PROTECTED]> Basics: ##.#. ##.#. Live Go...
> Work:<[EMAIL PROTECTED]> Live: OO#.. Dead: OO#.. Playing
> Research Engineer (Solar/Batteries O.O#. #.O#. with
> /Software/Embedded Controllers) .OO#. .OO#. rocks...2k
> ---------------------------------------------------------------------------
