You can use the tool at http://subnetcreator.sourceforge.net/ to easily determine which subnets are contained in your IP address range. The same logic is being built into the iptables+ management tool being developed in http://iscs.sourceforge.net/ . However,even better,it appears there is a patch available in patch-o-matic that allows one to enter a range directly in iptables. I haven't tried it yet but hope to do so soon to replace that logic in ISCS. Good luck - John On Sun, 2003-04-27 at 10:06, netfilter-request@xxxxxxxxxxxxxxxxxxx wrote: > --__--__-- > > Message: 4 > From: "Afshin Lamei" <linux_st@xxxxxxxxxxx> > To: netfilter@xxxxxxxxxxxxxxxxxxx > Subject: How to block a range of IPs? > Date: Sun, 27 Apr 2003 10:41:54 +0430 > > Hi, > How can I write a rule for a custom range of IPs? for example, I want to > block every WWW packet incoming from eth1, which source is an IP between > 192.168.1.10 and 192.168.1.20. > please help me writing an example. > thank you > afshin > > > > > > _________________________________________________________________ > Help STOP SPAM with the new MSN 8 and get 2 months FREE* > http://join.msn.com/?page=features/junkmail > > -- John A. Sullivan III Chief Technology Officer Nexus Management +1 207-985-7880 john.sullivan@xxxxxxxxxxxxx --- If you are interested in helping to develop a GPL enterprise class VPN/Firewall/Security device management console, please visit http://iscs.sourceforge.net
