[clue-tech] Need a quick IPTABLES line

John handyj at gmail.com
Fri Jun 13 09:34:23 MDT 2008 

You are correct, I missed that.  Good thing you read it better than I did.
:D

On Thu, Jun 12, 2008 at 10:53 PM, David L. Willson <DLWillson at thegeek.nu>
wrote:

> A 24-bit subnet won't work because the rule would only match and drop
> traffic from hosts
> with 40 in the third octet.  It would miss the hosts with 41 through 47 in
> the third
> octet.  The desired subnet length is 21 (all of the first two octets, and 5
> bits of the
> 3rd).  That will drop traffic from the whole undesired subnet.
>
>
> On Thu, 12 Jun 2008 22:38:25 -0600, John wrote
> > That's not a netmask, it's a way to specify the subnet.  I think you want
> to
> > use 77.41.40.0/24.
> >
> > John
> >
> > On Thu, Jun 12, 2008 at 10:04 PM, Jed S. Baer <cluemail at jbaer.cotse.net>
> > wrote:
> >
> > > Hi Folks.
> > >
> > > Trying to do some stopgap blocking. I'm not a network guru. Here's the
> > > netblock I want to have just be ignored:
> > >
> > > inetnum:        77.41.40.0 - 77.41.47.255
> > > netname:        NeoCentel-Home
> > > descr:          BRAS E-320-31 DHCP-pool
> > > descr:          Russian Central Telegraph, Moscow
> > > country:        RU
> > >
> > > My approach is to do this:
> > > iptables -t INPUT -A DROP -p all -s 77.41.41.253/255.255.248.0
> > >
> > > But I don't understand if that notation will cause the entire block to
> be
> > > dropped. Input on the -s parameter, or verification that I have it
> > > correct, or how to specify it so it works, much appreciated.
> > >
> > > jed
> > > _______________________________________________
> > > clue-tech mailing list
> > > clue-tech at cluedenver.org
> > > http://www.cluedenver.org/mailman/listinfo/clue-tech
> > >
>
>
> -- David
>
> _______________________________________________
> clue-tech mailing list
> clue-tech at cluedenver.org
> http://www.cluedenver.org/mailman/listinfo/clue-tech
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://cluedenver.org/pipermail/clue-tech/attachments/20080613/f973b9a2/attachment-0001.html

More information about the clue-tech mailing list