On Thu, 23 Jan 2003, Daniel F. Chief Security Engineer - wrote: > Anybody know of a way to block this traffic. Notice it's comming from just the > 0.0 addresses obviously spoofed. But can you block x.x.0.0 with out blocking > every thing else in the range with out a rule per IP. Can the CIDR approach to networking be of any help? I heard that the traditional imaginary separation of networks into classes A, B, C,... is not quite useful, so it is now possible to specify network numbers in format X.X.X.X/N where N is the number of most significant bits. Based on the above, will the 45.208.0.0/32 notation in an iptables rule filter the unwanted packets without rejecting any other possible valid packets coming from 45.208.0.0/16? -- Ilguiz Latypov Net Integration Technologies, Inc tel. +1 (514) 281 9191 x 117
