To allow IPs from network 111.222.55.0 and 111.222.56.0 networks in TCP wrappers, what network and netmask pair can be used in /etc/hosts.allow?
Answer: 111.222.55.0/255.255.240.0
Explanation/Reference:
111.222.55.0 = 01101111.11011110.00110111.00000000
111.222.56.0 = 01101111.11011110.00111000.00000000
The common part of both networks is /20 which translates to 255.255.240.0If you use a more restrictive netmask (like /21, /22, …) you won’t be able to get both nets with one network and netmask pair.
From the man pages:
An expression of the form `n.n.n.n/m.m.m.m´ is interpreted as a `net/mask´ pair. An IPv4 host address is matched if `net´ is equal to the bitwise AND of the address and the `mask´. For example, the net/mask pattern `131.155.72.0/255.255.254.0´ matches every address in the range `131.155.72.0´ through `131.155.73.255´.`255.255.255.255´ is not a valid mask value, so a single host can be matched just by its IP.
111.222.55.0 not network so 111.222.56.0 can`t include same subnetwork,
The correct answer should be 111.222.48.0/255.255.255.240 .
Correction: 111.222.48.0/255.255.240.0
Xu – Thanks.
2^5 = 16, 32, 48 (belong to here ).
Correction 2^4= 16.