On Sun, 2003-04-27 at 09:25, Michael K wrote: > > -----Original Message----- > > From: netfilter-admin@xxxxxxxxxxxxxxxxxxx > > [mailto:netfilter-admin@xxxxxxxxxxxxxxxxxxx] On Behalf Of Afshin Lamei > > Sent: Sunday, April 27, 2003 8:12 AM > > To: netfilter@xxxxxxxxxxxxxxxxxxx > > Subject: How to block a range of IPs? > > > > > > Hi, > > How can I write a rule for a custom range of IPs? for > > example, I want to > > block every WWW packet incoming from eth1, which source is an > > IP between > > 192.168.1.10 and 192.168.1.20. > > please help me writing an example. > > thank you > > afshin > > > > > > You can't, but if you subnet, the closest will be 192.168.1.1 to > 192.168.0.14 using mask 255.255.255.240. > Or 192.168.1.1 to 192.168.0.30 using mask 255.255.255.224. Actually you can... with the new iprange match in patch-o-matic. -- /Martin
