Re: Need help with reflect.conf!

Brian O'Shea (boshea@wpine.com)
Sat, 30 Dec 1995 14:31:25 -0500


>
>Could somebody help me out with a reflect.conf question? I'm
>trying to use the allow command to let in a subset, ie anybody
>connecting from 140.254.x.x - but I can't figure out the proper
>format from the instructions! Could someone email me a sample,
>complete with whatever :len should be? TIA...

To answer your specific question, you should specify

ALLOW 140.254.0.0:16

Here's a clip from an as yet to be released reflect.conf which attempts to
make this clearer. If you don't understand it, or have suggestions for
improvements, please don't hesitate to let me know.

; Various paramaters will accept an ip address, or a subnet address
; with a bit field argument. The subnet arguments are of the following format:
;
; subnet:bits
;
; The bits argument represents the number of bits, from the left, that are
; significant in the subnet argument. In IP address dot notation, each
; of the 4 numbers is represented internally by an 8 bit byte, which can
; range in value from 0 to 255. With that in mind, a bits argument of 8
; signifies that only the first number of the 4 number IP address is
; significant. For the purposes of explanation, an X in the IP address
; represents "Don't care".
;
; 1.X.X.X:8 Matches any IP address begining with 1
; 64.X.X.X:8 Matches any IP address begining with 64
; 127.X.X.X:8 Matches any IP address begining with 127
;
; bits values of 16..
;
; 128.1.X.X:16 Matches any IP address begining with 128.1
; 128.255.X.X:16 Matches any IP address begining with 128.255
; 160.35.X.X:16 Matches any IP address begining with 160.35
; 191.128.X.X:16 Matches any IP address begining with 191.128
;
; bits values of 24..
;
; 192.1.2.X:24 Matches any IP address begining with 192.1.2
; 199.255.21.X:24 Matches any IP address begining with 199.255.21
; 201.35.199.X:24 Matches any IP address begining with 201.35.199
; 223.128.27.X:24 Matches any IP address begining with 223.128.27
;
; As an extreme example, if you use 31 in the bits field it matches only
; 2 IP addresses:
;
; 192.1.2.0:31 Will match only 192.1.2.0 and 192.2.2.1
;
; Another extreme example, is 30 in the bits field which matches only
; 4 IP addresses:
;
; 192.1.2.0:30 Will match 192.1.2.0, 192.2.2.1
; 192.1.2.2 and 192.2.2.3
;
; And the most extreme example, if you use a value of 32, it represents
; a SINGLE IP address, and is therefore identical to the IP address
: without the :32.
;
; 192.1.2.1:32 Will match only 192.1.2.1
;

-bos

+***********************************************************************+
+ Brian O'Shea White Pine Software +
+ Network/OS Software Engineer 15 Messenger Square +
+ boshea@wpine.com Suite 8A +
+ Fax 508-695-2378 Plainville MA, 02762 +
+ All it takes is all you've got. +
+***********************************************************************+