Question about hosts_access(5)
Rick Stevens
rstevens at vitalstream.com
Thu Feb 22 19:55:31 UTC 2007
On Thu, 2007-02-22 at 13:58 -0500, Kwan Lowe wrote:
>
> > An expression of the form 'n.n.n.n/m.m.m.m´ is interpreted as a
> > 'net/mask´ pair. An IPv4 host address is matched if 'net´ is equal
> > to the bitwise AND of the address and the 'mask´. For example,
> > the net/mask pattern '131.155.72.0/255.255.254.0´ matches every
> > address in the range '131.155.72.0´ through '131.155.73.255´.
> >
> >
> > Is there any reason why it must be written out as:
> >
> > 131.155.72.0/255.255.254.0
> >
> > ... as opposed to using the shorter version:
> >
> > 131.155.72.0/23
>
> At one point it was possible to create a non-contiguous mask. This would not be
> doable with the short / notation.
The "short / notation" is called "CIDR" (classless interdomain routing)
notation.
> I've never actually used a non-contiguous mask, but there's a whole chapter on it in
> one of my earlier networking books.
I have. It's a nightmare, but unfortunately many Asian ISPs use it to
spam. Makes your iptables and firewall rules rather nasty.
----------------------------------------------------------------------
- Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com -
- VitalStream, Inc. http://www.vitalstream.com -
- -
- Any sufficiently advanced technology is indistinguishable from a -
- rigged demo. -
----------------------------------------------------------------------
More information about the fedora-list
mailing list