---------- Original Message ----------- From: Jay Turner <jkt@redhat.com> To: psyche-list@redhat.com Sent: Fri, 24 Jan 2003 02:27:53 -0500 Subject: Re: iptables netmask > On Thu, Jan 23, 2003 at 07:12:31PM -0600, Mike Vanecek wrote: > > I am configuring RH 8 iptables. I have read several sources, but am still > > unclear on the impact of a netmask on the source/destination definitions. > > > > For example, -s 65.50.0.0/11 would have a hit on what range of incoming packets? > > > > If I understand it correctly, which I really do not, the 11 means to mask 11 > > bits of the ip address. Hence, 11 => 255.224.0.0 ?? (11111111.1110000...) > > > > But, how does this translate into the range of ip addresses for which the -s > > is valid? > > Would cover from 65.32.0.1 to 65.63.255.254 Argg ... I would have never thought it covered this range. Guess I better look at the calculater mentioned below. > > > > Will ip address 64.255.0.0 trigger a hit? > No. > > Will ip address 65.55.1.1 trigger a hit? > Yes. > > How do I test the incoming source address against the above rule and determine > > when a match will occur? > > There's a pretty neat calculator available at > http://www.csgnetwork.com/ipinfocalc.html. ------- End of Original Message ------- Ah, yes, that is what I need. Thanks. -- Psyche-list mailing list Psyche-list@redhat.com https://listman.redhat.com/mailman/listinfo/psyche-list