From: Andy Wood (network.design@home.com)
Date: Thu Nov 16 2000 - 03:18:16 PST
I have to agree here. I'm not an IP expert, yet, but I was sure that /32
(equiv 255.255.255.255) denoted a singular IP. In John's defence (The
original person to reply) an IP without a mask is working just fine, with
PMFirewall. A Single IP, 255.255.255.255 and /32 all show (with ipchains
-L) that only IP that I choose is allowed in. If I change the #-o-bits to
24 it shows that 1.2.3.0/24 is allowed.
So, to recap Single IP or /32 or 255.255.255.255 all restrist the rule
to only the IP that is entered will be allowed to pass through to the
protected network or PSN.
Thanks for all the input(s). It's appreciated.
Andy
On Thu, 16 Nov 2000, Alex Boag-Munroe wrote:
> Date: Thu, 16 Nov 2000 05:42:46 +0000
> To: pmfirewall@pointman.org
> From: Alex Boag-Munroe <ajbm@ntlworld.com>
> Reply-To: pmfirewall@pointman.org
> Sender: owner-pmfirewall@pointman.org
> Subject: Re: [pmfirewall] $OUTERNET vs $REMOTENET
>
> No....a /32 IS possible and IS one single IP address. Look on the
> documentation page of pointman.org, subnets are explained there.
>
> On Thursday 16 November 2000 02:20, you wrote:
>
> > > On Wed, Nov 15, 2000 at 05:31:41PM -0800, James Nessen wrote:
> > > It will.
> > >
> > > a /32 = a netmask of 255.255.255.255 (a single static IP).
> >
> > I don't think so. A /32 means all bits in the netmask asserted, as you
> > say, or 255.255.255.255. But the netmask defines the network portion of
> > the IP address. 32 bits of netmask leaves 0 bits for the IP
> > addresse(s). To have a valid single IP address, you would have to have
> > /31, or 255.255.255.254. This would leave the even value for the
> network,
> > and so unavailable for an IP address, and the odd value for the IP
> > address. Methinks a network with one IP address on it isn't very
> useful.
>
> ----------------------------------------
> Content-Type: application/pgp-signature; charset="us-ascii";
> name="Attachment: 1"
> Content-Transfer-Encoding: 7bit
> Content-Description:
> ----------------------------------------
>
****************************************************************************
> * To UNSUBSCRIBE from the list, send a message with "unsubscribe
> pmfirewall"
> * in the message body to majordomo@pointman.org. Please direct other
> * questions, comments, or problems to pmfirewall-owner@pointman.org.
> *
> * Need answers fast? Check the list archive located at:
> * http://www.pointman.org/PMFirewall/list-archive/
> *
****************************************************************************
* To UNSUBSCRIBE from the list, send a message with "unsubscribe pmfirewall"
* in the message body to majordomo@pointman.org. Please direct other
* questions, comments, or problems to pmfirewall-owner@pointman.org.
*
* Need answers fast? Check the list archive located at:
* http://www.pointman.org/PMFirewall/list-archive/
*
This archive was generated by hypermail 2b29 : Sun Jun 10 2001 - 02:37:52 PDT