Problems with packet blocking
Antony Stone
Antony@Soft-Solutions.co.uk
Mon, 11 Jun 2001 18:54:14 +0100
At 14:32 on 11 Jun 01, andreas berglund wrote about Re: Problems with
packet blocking:
> Lee Packham wrote:
> >
> > That is, I do if no-one can figure out an alternative way to do this other
> > than a line for each of the 172.16-32.0.0 ranges.
>
> There is an alternative, and that is to specify the range in
> CIDR-notation. For this particular range I think 172.16.0.0/15
> would be the correct alternative, someone correct me if I'm wrong.
I think it should be 172.16.0.0/12
The first 8 bits are the 172...
The next 4 bits get you up to 16 if the next 4 bits are zero, and 31 if the
next 4 bits are 1, therefore the answer's 8+4=12
(Anyway, 15 is only 1 less than 16 (which is what you;d use for a full
class B), so 15 bits is half of a class B, and 172.16-31 is much smaller
than that...)
Antony.