IP address format in hosts.allow file 2

[m1bzm]

Hi all,

At the moment in my hosts.allow file (REDHAT 6.2) Im using straight forward direct addressing i.e.

in.ftpd 192.168.3. 192.168.2.5 etc...

by typing in the whole ip address some octets to represent wildcards.

Im not too familiar with the formal IP notation where an IP range can be described using the "/" character i.e.

192.168.1.0/24

My questions are firstly can someone breifly explain how this notation works and secondly can I use it in my hosts.allow file to save me typing loads of addresses?

Thanks to all in advance...
Darren

 

[ifincham]

Hi,









The notation you describe is just a shorthand way of representing the subnet mask. The number after the '/' is simply the number of binary bits in the subnet mask. Using the address quoted :









192.168.1.0/8 subnet is 255.0.0.0




192.168.1.0/16 subnet is 255.255.0.0




192.168.1.0/24 subnet is 255.255.255.0




etc.









(255 in decimal is 11111111 in binary i.e. 8 bits)









So, it follows that a subnet mask of 255.128.0.0 (decimal) is 11111111.10000000.00000000.00000000 (binary) , i.e 9 bits . You get the idea...









Basically all you need to remember is that you do a logical bit-by-bit 'and' between the mask and an address and any bits that match become th network part of the address.









Hence 192.168.1.1 logically 'and'ed with a mask of 24 bits gives 192.168.1.0 - meaning any address that begins 192.168.1.x .









In hosts.allow you can certainly use the format '192.168.1.0/255.255.255.0' but I don't believe that the alternative of 192.168.1.0/24 is valid for that particular use.









Rgds