
Re: give multiple ports a/o ips to iptables [fixed: problems with firehol...]



On 02/09/2004 Mike Mestnik wrote:
> --- Jonas Meurer <jonas@freesources.org> wrote:
> > so you mean that -d 62.75.128.98/31 is the same as two rules, one with
> > -d 62.75.128.98 and one with -d 62.75.128.99? can you explain it, i
> > don't understand ...
> 
> It has to do with bits, something called a bitmap.  Here we go...
> 1 and 0 is 1
> 0 and 0 is 0, and is recursive so
> 0 and 1 is also 1
> 
> 1111:1110 and xxxx:xxxx is xxxx:xxx0

sorry, but what do you mean? the first 4 lines are clear, but what does
this xxxx:xxxx mean?

> 98d = 0110:0010
> 99d = 0110:0011
> 254d = 1111:1110

can you exemplify or somehow explain this?

> 99d and 254d = 98d and 98d and 254d = 98d.
> (98d and 254d) is also (99d and 254d).

same for that.

> So both 62.75.128.98 and 62.75.128.99 are in network
> 62.75.128.98/255.255.255.254.  This network could also be written as
> 62.75.128.98/31 saying that 31 out of 32 bits are set to 1 meaning that
> the last one bit(s) are 0.

ok, so 62.75.128.98/31 goes for all 62.75.128.* addresses?
sorry i still don't feel like i understand your explanations ;(

bye
 jonas
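
Added example, not part of the original thread: a Python sketch of the mask comparison behind an iptables `-d 62.75.128.98/31` argument, listing exactly which destination addresses the rule covers. The function names are hypothetical, and the check `(address AND mask) == (network AND mask)` is the standard CIDR match.

```python
import ipaddress

def mask_from_prefix(prefix_len):
    """32-bit netmask with the top prefix_len bits set (/31 -> 255.255.255.254)."""
    return (0xFFFFFFFF << (32 - prefix_len)) & 0xFFFFFFFF

def split_rule(rule):
    """Split 'a.b.c.d/len' into (masked network as int, mask as int, prefix length)."""
    net_s, prefix_s = rule.split("/")
    prefix = int(prefix_s)
    mask = mask_from_prefix(prefix)
    return int(ipaddress.IPv4Address(net_s)) & mask, mask, prefix

def rule_matches(rule, addr):
    """True if addr falls inside the network written as a.b.c.d/len."""
    net, mask, _ = split_rule(rule)
    return (int(ipaddress.IPv4Address(addr)) & mask) == net

def covered(rule):
    """Every address the rule covers (intended for small ranges such as /31)."""
    net, _, prefix = split_rule(rule)
    return [str(ipaddress.IPv4Address(net + i)) for i in range(2 ** (32 - prefix))]

if __name__ == "__main__":
    rule = "62.75.128.98/31"
    mask = mask_from_prefix(31)
    print("mask:", ipaddress.IPv4Address(mask))
    # Last octet only: the mask octet 254 (1111:1110) clears the lowest bit.
    for octet in (97, 98, 99, 100):
        print(f"{octet:3d} = {octet:08b}   and 254 -> {octet & 254}")
    for addr in ("62.75.128.97", "62.75.128.98", "62.75.128.99",
                 "62.75.128.100", "62.75.128.1"):
        print(addr, "matches" if rule_matches(rule, addr) else "does not match")
    print("covered:", covered(rule))
```

With a /31 only the last bit is free, so the rule covers two addresses; a prefix of /24 would be needed to cover every 62.75.128.* address.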


