Re: Filter out broadcast messages

On Wednesday 07 January 2004 9:44 pm, Gabby James wrote:

> Hi,
>
> I would like to filter out all broadcast messages.  The packets could come
> from 255.255.255.255 or multiple other addresses of the form 10.*.*.255.
> What kind of syntax do I use to DROP these packets?  The line below will
> filter out packets from 255.255.255.255 but I'm not sure what syntax to use
> to DROP the other addresses.

Second idea:

If you mean what you say, and the other broadcasts fit the pattern 10.*.*.255, 
you could always use the little-known but perfectly valid netmask 
255.0.0.255 in a rule such as:

iptables -I INPUT -s 10.0.0.255/255.0.0.255 -j DROP

This will do exactly what you asked - match packets where the source IP's 
first byte=10 and the last byte=255, with the middle two bytes being 
anything, and drop them.

Antony.

-- 
Perfection in design is achieved not when there is nothing left to add, but 
rather when there is nothing left to take away.

 - Antoine de Saint-Exupery

                                                     Please reply to the list;
                                                           please don't CC me.
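
The mask comparison behind the rule in the message above, as an added example that is not part of the original post: a source matches `-s ADDRESS/MASK` when (source AND mask) equals (address AND mask), so the mask need not be a contiguous prefix. The function names and the sample source addresses are constructed for illustration.

```sh
#!/bin/sh
# Added example: emulate the "-s ADDRESS/MASK" comparison in plain shell
# arithmetic to see which sources the 255.0.0.255 mask selects.

# Convert a dotted-quad IPv4 address to a 32-bit integer.
ip_to_int() {
    old_ifs=$IFS
    IFS=.
    set -- $1            # split the address into its four octets
    IFS=$old_ifs
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# Return 0 if source $1 matches the rule spec $2, given as ADDRESS/MASK.
src_matches() {
    src=$(ip_to_int "$1")
    net=$(ip_to_int "${2%/*}")
    mask=$(ip_to_int "${2#*/}")
    # Only bits set in the mask take part in the comparison.
    [ $(( src & mask )) -eq $(( net & mask )) ]
}

# Verdict for one source address against the rule from the message.
verdict() {
    if src_matches "$1" "10.0.0.255/255.0.0.255"; then
        echo DROP
    else
        echo PASS
    fi
}

# Constructed sample sources (not taken from the thread).
for src in 10.1.2.255 10.200.17.255 10.255.255.255 \
           10.1.2.254 11.1.2.255 255.255.255.255; do
    printf '%-16s %s\n' "$src" "$(verdict "$src")"
done
```

The output shows that 255.255.255.255 does not match this mask and still needs its own rule. The mask also selects any 10.x.x.255 address that is an ordinary host on a subnet larger than /24.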


