> > your example of 10.0.168.0/22, actually does define a network > ID--10.0.168.0 - 10.0.171.255 > > as to what value you actually want--i have no idea. > > say what you mean and mean what you say. Thanks for the reply. But I am confused. I need to revisit the math, but the public IP space range is XX.XX.168.0 - XX.XX.175.255. It has a netmask of 255.255.242. As I said the private space mirrors this IP space. This is a legitimate public IP subnet. How do I define it to iptables, since the public IP space is not as I would expect in iptables either. Thanks, Dan
