Howto set an IP address range into rules of iptables

08-25-2003, 08:30 AM

I tried the following instructions:

iptables -A FORWARD -s 192.168.0.200-192.168.0.240 -d 0/0 -p tcp -j ACCEPT
iptables -A FORWARD -s 192.168.0.200-192.168.0.240 -d 0/0 -p udp -j ACCEPT
iptables -A FORWARD -s 0/0 -d 192.168.0.200-192.168.0.240 -p tcp -j ACCEPT
iptables -A FORWARD -s 0/0 -d 192.168.0.200-192.168.0.240 -p udp -j ACCEPT

It appears error. Error message is:

iptables v1.2.5: host/network `192.168.0.200-192.168.0.240' not found
Try `iptables -h' or 'iptables --help' for more information.

Would you tell me how to set an IP address range into rules of iptables?
Thank you very much!

08-25-2003, 09:16 AM

Terry Ho wrote:

> iptables -A FORWARD -s 192.168.0.200-192.168.0.240 -d 0/0 -p tcp -j ACCEPT
> iptables -A FORWARD -s 192.168.0.200-192.168.0.240 -d 0/0 -p udp -j ACCEPT
> iptables -A FORWARD -s 0/0 -d 192.168.0.200-192.168.0.240 -p tcp -j ACCEPT
> iptables -A FORWARD -s 0/0 -d 192.168.0.200-192.168.0.240 -p udp -j ACCEPT

You need to specify using the address/mask format

try
192.168.0.200/29 (for 200 - 207)
192.168.0.208/28 (for 208 - 223)
192.168.0.224/28 (for 224 - 239)
192.168.0.240/32 (for 240 - 240)

So each of your lines above will result in 4 lines -- one for each of the
above address/mask combinations

-- Saikat

08-25-2003, 10:03 AM

Thank you very much! But I have one question.
You wrote:
> 192.168.0.200/29 (for 200 - 207)
> 192.168.0.208/28 (for 208 - 223)
> 192.168.0.224/28 (for 224 - 239)
> 192.168.0.240/32 (for 240 - 240)

I understand
> 192.168.0.200/29 (for 200 - 207)
> 192.168.0.208/28 (for 208 - 223)
> 192.168.0.240/32 (for 240 - 240)

But I don't understand
> 192.168.0.224/28 (for 224 - 239)
Why use network mask 28 bits? I think the network mask is 27 bits. Is it
right? ^-^

"Saikat Guha" <(E-Mail Removed)>
??????:bick74$jsg$(E-Mail Removed)...
> Terry Ho wrote:
>
> > iptables -A FORWARD -s 192.168.0.200-192.168.0.240 -d 0/0 -p tcp -j
ACCEPT
> > iptables -A FORWARD -s 192.168.0.200-192.168.0.240 -d 0/0 -p udp -j
ACCEPT
> > iptables -A FORWARD -s 0/0 -d 192.168.0.200-192.168.0.240 -p tcp -j
ACCEPT
> > iptables -A FORWARD -s 0/0 -d 192.168.0.200-192.168.0.240 -p udp -j
ACCEPT
>
> You need to specify using the address/mask format
>
> try
> 192.168.0.200/29 (for 200 - 207)
> 192.168.0.208/28 (for 208 - 223)
> 192.168.0.224/28 (for 224 - 239)
> 192.168.0.240/32 (for 240 - 240)
>
> So each of your lines above will result in 4 lines -- one for each of the
> above address/mask combinations
>
> -- Saikat

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
HELP, Need quick iptables rules	akak01000101@gmail.com	Linux Networking	5	03-03-2008 07:45 PM
Removing iptables rules	Augustus SFX van Dusen	Linux Networking	7	06-05-2006 04:05 PM
Iptables and rules from database ?	snowi@ras.pl	Linux Networking	0	10-16-2005 11:20 AM
Looking for iptables applications code (iptables.c) to run some rules to forward packets	tvnaidu@yahoo.com	Linux Networking	2	01-17-2005 05:01 PM
iptables rules for vonage	Rob Ristroph	Linux Networking	0	10-02-2003 06:44 AM