[TCLUG] IPchains or TCP/IP question...

[rgoldber at d.umn.edu]

On Tue, 17 Apr 2001, mjn wrote:

>$IPCHAINS -A input -p tcp -s 24.0.0.0/24 -d $LOCALNET 25 -j ACCEPT
>
>I also tried it without the port number.  My big problem is not
>understanding what the mask "/24" is doing in this case (and many
>others)...

Well, given an IP address (or network number in this case): 24.0.0.0, and a
mask: /24 (ie 255.255.255.0, 24 bits on, remember IP addressing is 32 bits,
with each quad being 8 bits), you get to know the network/subnet part and
the host part.

In this case the first three quads "24.0.0" is the network/subnet part,
leaving one quad for the host part.  The above rule allows packets with
source addresses falling in the range 24.0.0.1-24.0.0.254.

check out 
http://www.tcpipprimer.com/addressing.cfm

hope that helps 

-

Ryan