Blocking a range of source IPs to a specific port

Jörg Harmuth harmuth at mnemon.de
Tue Aug 2 10:26:49 CEST 2005


James Harrison schrieb:
> However i'm still completely confused on the whole 0/9 issue- what does
> this specify?

We're talking about the notation 172.128.0.0/9 or shorter 172.128/9 or
similar. The part after the slash is the subnetmask (netmask). It is the
number of binary 1s starting from the left. 9 means the same as
255.128.0.0. The first octett has all bits set to 1 => 255, the second
only the first bit => 128 and all others are 0 => 0 ;)

HTH,

Joerg




More information about the netfilter mailing list