On Thu, Jan 23, 2003 at 07:12:31PM -0600, Mike Vanecek wrote: > I am configuring RH 8 iptables. I have read several sources, but am still > unclear on the impact of a netmask on the source/destination definitions. > > For example, -s 65.50.0.0/11 would have a hit on what range of incoming packets? > > If I understand it correctly, which I really do not, the 11 means to mask 11 > bits of the ip address. Hence, 11 => 255.224.0.0 ?? (11111111.1110000...) > > But, how does this translate into the range of ip addresses for which the -s > is valid? Would cover from 65.32.0.1 to 65.63.255.254 > > Will ip address 64.255.0.0 trigger a hit? No. > > Will ip address 65.55.1.1 trigger a hit? Yes. > > How do I test the incoming source address against the above rule and determine > when a match will occur? There's a pretty neat calculator available at http://www.csgnetwork.com/ipinfocalc.html. - jkt -- --*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--* Jay Turner, QA Manager jkt@redhat.com Red Hat, Inc. No amount of experimentation can ever prove me right; a single experiment can prove me wrong. -- Albert Einstein -- Psyche-list mailing list Psyche-list@redhat.com https://listman.redhat.com/mailman/listinfo/psyche-list
