what network and netmask pair can be used in /etc/hosts.allow?

To allow IPs from network 111.222.55.0 and 111.222.56.0 networks in TCP wrappers, what network and netmask pair can be used in /etc/hosts.allow?

To allow IPs from network 111.222.55.0 and 111.222.56.0 networks in TCP wrappers, what network and netmask pair can be used in /etc/hosts.allow?

Answer: 111.222.55.0/255.255.240.0

Explanation/Reference:
111.222.55.0 = 01101111.11011110.00110111.00000000
111.222.56.0 = 01101111.11011110.00111000.00000000
The common part of both networks is /20 which translates to 255.255.240.0

If you use a more restrictive netmask (like /21, /22, …) you won’t be able to get both nets with one network and netmask pair.

From the man pages:
An expression of the form `n.n.n.n/m.m.m.m´ is interpreted as a `net/mask´ pair. An IPv4  host  address is  matched  if  `net´  is  equal  to  the  bitwise AND of the address and the `mask´. For example, the net/mask pattern `131.155.72.0/255.255.254.0´ matches every address in the range `131.155.72.0´ through `131.155.73.255´.

`255.255.255.255´ is not a valid mask value, so a single host can be matched just by its IP.

Show Hint

Leave a Reply 4

Your email address will not be published. Required fields are marked *

James Xu

James Xu

111.222.55.0 not network so 111.222.56.0 can`t include same subnetwork,
The correct answer should be 111.222.48.0/255.255.255.240 .

Reply

James Xu

James Xu

Correction: 111.222.48.0/255.255.240.0

Reply

Yeah

Yeah

Xu – Thanks.
2^5 = 16, 32, 48 (belong to here ).

Reply

Yeah

Yeah

Correction 2^4= 16.

Reply