From: "CodeHeads" <codeheads@xxxxxxxxx>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Wed, 24 May 2006 10:34:23 -0500 Bruno Wolff III <bruno@xxxxxxxx> wrote:
On Wed, May 24, 2006 at 10:46:39 -0400,
CodeHeads <codeheads@xxxxxxxxx> wrote:
>
> Ed,
> Thank you, That what I was looking for to verify what I have learned so far.
>
> Question on entering IP address in IPTables, say I want to add a range to
> block the whole ip range of 10.0.0.0 (example of course)
> Can I do this:
> $iptables -A FORWARD -p tcp -s 10. -i eth0 -j DROP
> OR
> $iptables -A FORWARD -p tcp -s 10.* -i eth0 -j DROP
Either
$iptables -A FORWARD -p tcp -s 10.0.0.0/8 -i eth0 -j DROP
or
$iptables -A FORWARD -p tcp -s 10.0.0.0/255.0.0.0 -i eth0 -j DROP
will work.
Thank you Bruno. Just wanted to verify about the wild cards.
Sorry for all the questions, IP's confuse me a bit. :) LOL
Say if I have a range of 222.96.0.0 - 222.122.255.255
Is there a calculator that will tell me the netmask??
There isn't one. The net mask is powers of two. It is often
easier to think of it as 222.96.0.0/11 for the nearest to the
case you site, 222.96.0.1 to 22.127.255.254. That means
255.240.0.0 is the mask.
{^_^}