IP FILTER and network address
Steve Bertrand
iaccounts at ibctech.ca
Wed May 2 22:48:59 UTC 2007
Tun Eler wrote:
>> Appending your IP with /8 ends you up with two rules that essentially
>> look like this (AFAIK):
>>
>> pass in quick on $oif proto tcp from 217.0.0.0/8 to $myip port = 22
>> flags S keep state
>>
>
> Oh, off course. I was applying the rule in the wrong direction, from the right to the left. Silly :-)
I don't quite know what you mean, but /32 is the single (host) IP, much
like:
192.168.1.3/24 == 192.168.1.1 - 192.168.1.254 (entire 192.168.1 network)
and:
172.16.28.18/16 == 172.16.0.1 - 172.16.255.254 (entire 172.16 network)
...what you had was the entire 217. network ;)
Appending a /32 to an address means this address, and only this address.
Regards,
Steve
More information about the freebsd-questions
mailing list