• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

ACL Wildcard Mask Question - Answered

B

bbarnes

Senior member
Ok, say for instance you had a host with an IP of 172.32.16.40

The wildcard mask would not work if it were x.x.x.215 (the x is there becuase I am not worried about that part) because it would block any host that had a IP with a bit in the 32 and 8 spot regardless whether it had one in any other spot in the last octet or not, is this correct?

As .40 in binary is 00101000, thus we get the .215 by telling it to ignore all other bits besides the 32 and 8 bit.

Wouldn't this also affect any host with an IP of anything that contained these same two bits plus any others, such as .41 (00101001)

[EDIT] Answered [/EDIT]
 
yeah, wildcard mask is a bit-wise operation. 1=don't care, 0=match.

if you need to match a particular host then use a mask of 0.0.0.0 or the keyword HOST.

You generally see wildcard masks used to specifiy a network or subnetwork.
0.0.0.127 (matches half of class C net)
0.0.0.31 (matches ip in the 255.255.255.224 subnet)
0.0.255.255 (matches entire class B net)

HTH
 
Thanks, that is what I thought, just a friend was saying that he thought it work that way and I wanted to make sure I wasn't thinking the wrong way...
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top