HPE Community
Operating System - Linux
1828584 Members
2557 Online
109982 Solutions
New Discussion

how about the syntax of continous IP defined in ipchanis( -s -d)

 
frederick van targero
Advisor

‎06-21-2002 10:14 PM

‎06-21-2002 10:14 PM

how about the syntax of continous IP defined in ipchanis( -s -d)

i want to block some ip with continues address, however i do not know how about the syntax,
for exampels
-d 192.168.0.1-192.168.0.100,
it is wrong

thanks for your tips,
frederick
frederick
0 Kudos
Reply
3 REPLIES 3
U.SivaKumar_2
Honored Contributor

‎06-23-2002 11:01 PM

‎06-23-2002 11:01 PM

Re: how about the syntax of continous IP defined in ipchanis( -s -d)

Hi,
it is wrong.
IPchains allow specification of a group of IP addresses, such as `199.95.207.0/24' or `199.95.207.0/255.255.255.0'. These both specify any IP address from 199.95.207.0 to 199.95.207.255 inclusive; the digits after the `/' tell which parts of the IP address are significant. `/32' or `/255.255.255.255' is the default (match all of the IP address). To specify any IP address at all `/0' can be used.

regards,
U.SivaKumar
Innovations are made when conventions are broken
0 Kudos
Reply
Hal Rottenberg
Frequent Advisor

‎06-24-2002 04:15 AM

‎06-24-2002 04:15 AM

Re: how about the syntax of continous IP defined in ipchanis( -s -d)

They call these subnet masks. You can find a calculator here:

http://www.telusplanet.net/public/sparkman/netcalc.htm

For example to include 192.168.0.1-192.168.0.127 you would use this in ipchains: 192.168.0.1/25

You will want to research tcp/ip subnet masking to learn more.
If at first you don't succeed, then skydiving isn't for you.
0 Kudos
Reply
Mark Fenton
Esteemed Contributor

‎06-24-2002 05:56 PM

‎06-24-2002 05:56 PM

Re: how about the syntax of continous IP defined in ipchanis( -s -d)

Picking up on the previous posts,
to deny traffic on eth0 originating from the first 128 ip addresses in your subnet

ipchains -A (your chain here) -i eth0 -s 192.168.0.0/25 -j DENY

hth
Mark
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.