Re: hosts.deny vs iptables

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



From: "CodeHeads" <[email protected]>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Wed, 24 May 2006 10:34:23 -0500 Bruno Wolff III <[email protected]> wrote:

On Wed, May 24, 2006 at 10:46:39 -0400,
  CodeHeads <[email protected]> wrote:
> > Ed,
> Thank you, That what I was looking for to verify what I have learned so far.
> > Question on entering IP address in IPTables, say I want to add a range to
> block the whole ip range of 10.0.0.0 (example of course)
> Can I do this:
> $iptables -A FORWARD -p tcp -s 10. -i eth0 -j DROP
> OR
> $iptables -A FORWARD -p tcp -s 10.* -i eth0 -j DROP

Either
$iptables -A FORWARD -p tcp -s 10.0.0.0/8 -i eth0 -j DROP
or
$iptables -A FORWARD -p tcp -s 10.0.0.0/255.0.0.0 -i eth0 -j DROP
will work.
Thank you Bruno.  Just wanted to verify about the wild cards.

Sorry for all the questions, IP's confuse me a bit. :) LOL
Say if I have a range of 222.96.0.0 - 222.122.255.255
Is there a calculator that will tell me the netmask??
There isn't one. The net mask is powers of two. It is often
easier to think of it as 222.96.0.0/11 for the nearest to the
case you site, 222.96.0.1 to 22.127.255.254. That means
255.240.0.0 is the mask.

{^_^}


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux