24.0.0.0/8 = 24.0.0.0 to 24.255.255.255
   or 16,777,216 unique IPs (including network and broadcast)
24.0.0.0/24 = 24.0.0.0 to 24.0.0.255
   or 256 unique IPs (including network and broadcast)

Make sure you put the limited accept rule before the blanket deny rule because the first match wins.

>>> mjn at umn.edu 04/17/01 10:34AM >>>
We have ipchains firewalling on a RedHat 6.1 box here at work and we are
having some problems with people running mail servers on the cable-modem
dominated sections of the network (24.0.0.0).

Here is the rule we have for that:

IPCHAINS="/sbin/ipchains"
LOCALNET="IP/NETMASK"

$IPCHAINS -A input -l -s 24.0.0.0/8 -d $LOCALNET -j DENY

Now, what I'd like to do is just allow access to port 25 for the whole
subnet to eliminate my having to throw in specific IPs and restart the
firewall.  It's likely just a problem with my understanding of TCP/IP (or,
more likely, ipchains) but here is what I have tried which didn't seem to
work:

$IPCHAINS -A input -p tcp -s 24.0.0.0/24 -d $LOCALNET 25 -j ACCEPT

I also tried it without the port number.  My big problem is not
understanding what the mask "/24" is doing in this case (and many
others)...

Suggestions?  Does anyone have a better philosophy regarding cable-modem
users?  Should I be punting all of their packets into oblivion?  It feels
good but it's starting to become more of a staple and thus we may run into
problems eventually...

Thanks.
____________________________
Mike Neuharth
ADCS Technology Specialist
http://www.umn.edu/adcs 

E-Mail          : mjn at umn.edu 
Page Mail       : 6126486512 at page.metrocall.com 
http://supermonkeycollider.dyndns.org/ 
____________________________
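Added example (not part of either post above): a small shell script that
works out what a CIDR prefix like 24.0.0.0/8 or 24.0.0.0/24 actually
covers, tests whether a given host falls inside it, and prints the two
ipchains rules from the thread in the order that makes the narrow ACCEPT
win over the broad DENY.  The rules are printed rather than executed so it
can be tried without root; LOCALNET is a placeholder just as in the
original post, and the 128.101.0.0/16 value used in the comments is an
assumed example, not the poster's real network.

```shell
#!/bin/sh
# Added example, not from the original posts.  Pure shell arithmetic so it
# runs on any POSIX sh or bash without extra tools.

# ip_to_int 24.0.0.0 -> 402653184 : dotted quad to a 32-bit integer
ip_to_int() {
    local IFS=.
    set -- $1
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# int_to_ip 402653184 -> 24.0.0.0
int_to_ip() {
    local n=$1
    echo "$(( (n >> 24) & 255 )).$(( (n >> 16) & 255 )).$(( (n >> 8) & 255 )).$(( n & 255 ))"
}

# prefix_mask 24 -> 4294967040 (0xFFFFFF00): the prefix length is the number
# of leading address bits that are fixed; the remaining 32-len bits vary.
prefix_mask() {
    echo $(( (0xFFFFFFFF << (32 - $1)) & 0xFFFFFFFF ))
}

# cidr_range 24.0.0.0/24 -> "24.0.0.0 24.0.0.255 256"
# Prints first address, last address and the count 2^(32-len), network and
# broadcast included.  /8 fixes one octet (16,777,216 hosts), /24 fixes
# three (256 hosts).
cidr_range() {
    local addr=${1%/*} len=${1#*/}
    local mask net bcast
    mask=$(prefix_mask "$len")
    net=$(( $(ip_to_int "$addr") & mask ))
    bcast=$(( net | (~mask & 0xFFFFFFFF) ))
    echo "$(int_to_ip "$net") $(int_to_ip "$bcast") $(( bcast - net + 1 ))"
}

# cidr_contains 24.0.0.0/24 24.1.2.3 -> false: only 24.0.0.x matches a /24,
# which is why an ACCEPT written for 24.0.0.0/24 matched almost no cable
# modem customer in 24.0.0.0/8.
cidr_contains() {
    local mask
    mask=$(prefix_mask "${1#*/}")
    [ $(( $(ip_to_int "${1%/*}") & mask )) -eq $(( $(ip_to_int "$2") & mask )) ]
}

# emit_rules LOCALNET ACCEPT_NET -> the two rules, ACCEPT first.
# ipchains walks the chain top to bottom and stops at the first match, so
# the narrow port-25 ACCEPT must be appended before the logged blanket DENY.
# Assumed example call: emit_rules 128.101.0.0/16 24.0.0.0/8
emit_rules() {
    local localnet=$1 accept_net=$2
    local IPCHAINS=/sbin/ipchains
    echo "$IPCHAINS -A input -p tcp -s $accept_net -d $localnet 25 -j ACCEPT"
    echo "$IPCHAINS -A input -l -s 24.0.0.0/8 -d $localnet -j DENY"
}
```

Run `cidr_range 24.0.0.0/24` and `cidr_range 24.0.0.0/8` side by side to
see the difference the mask makes, and feed `emit_rules` output to the
firewall script only after checking that the ACCEPT line comes first.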

_______________________________________________
tclug-list mailing list
tclug-list at mn-linux.org 
https://mailman.mn-linux.org/mailman/listinfo/tclug-list