Blocking a range of source IPs to a specific port

Jörg Harmuth harmuth at
Tue Aug 2 10:26:49 CEST 2005

James Harrison schrieb:
> However i'm still completely confused on the whole 0/9 issue- what does
> this specify?

We're talking about the notation or shorter 172.128/9 or
similar. The part after the slash is the subnetmask (netmask). It is the
number of binary 1s starting from the left. 9 means the same as The first octett has all bits set to 1 => 255, the second
only the first bit => 128 and all others are 0 => 0 ;)



More information about the netfilter mailing list