My thinking was to apply this filter to only a subset of my class-c,
rather than entering a seperate rule for each one of the machines I wanted
to protect. The IP address range of my UNIX machines really didn't fall
within the bounds of a traditional subnet, so I decided to do something
like the following:
15 deny 0.0.0.0/0 XXX.XXX.XXX.10/28 etc, etc
My thinking was that I could arbitrarily set the network number (sort of
like a VLSM) to 10 and have it match .11-.24 for all the filter rules
using the above convention. Sort of like a "start here and count up". Now
that I'm refreshing my stale knowledge of subnetting, I am beginning to
wonder if that may have been a bad choice.
I've tested it plenty of times, and it appears to match the range I've
selected. But now I'm wondering if it could somehow have an effect on
machines outside that range.
Was my thinking correct?
TIA
-Jason
-
To unsubscribe, email 'majordomo@livingston.com' with
'unsubscribe portmaster-users' in the body of the message.