Re: Proposal to apply mask to IP address set on rule

To: Emmanuel Nyarko <emmankoko519%gmail.com@localhost>
Subject: Re: Proposal to apply mask to IP address set on rule
From: Andy Ruhl <acruhl%gmail.com@localhost>
Date: Fri, 23 May 2025 16:18:05 -0700

On Wed, May 21, 2025 at 9:16 AM Emmanuel Nyarko <emmankoko519%gmail.com@localhost> wrote:
>
> Supposed we want to block or pass packets from a subnet
>
> Say 192.168.64 subnet.(24 bits masking)
>
> So if We
> "pass from 192.168.64.7/24" on a rule.
>
> Is it ideal to also match all packets from 192.168.64 subnet ? As it would if we passed as
> 192.168.64.0/24 on rule.

Allegedly I'm a network guy.

When you add the subnet mask to a rule, to me that means "use the
subnet that the address resides in".

For example

nmap -sn -n 192.168.64.57/24

means "scan 192.168.64.0/24"

If you're applying an IP to an interface with the mask, it's just
indicating the mask for the IP.

Andy

References:
- Proposal to apply mask to IP address set on rule
  - From: Emmanuel Nyarko

Prev by Date: Re: Proposal to apply mask to IP address set on rule
Next by Date: Re: Proposal to apply mask to IP address set on rule
Previous by Thread: Re: Proposal to apply mask to IP address set on rule
Indexes:

Home | Main Index | Thread Index | Old Index