Páginas

sexta-feira, 27 de agosto de 2010

IPCALC

Marcelo,

Usei o ipcalc como voc� indicou e funcionou perfeitamente.
Como forma de consulta, vou deixar registrado como procedi.

Linha de comando para o ipcalc:
ipcalc 192.168.26.0/24 -s 6

Address: 192.168.26.0 11000000.10101000.00011010. 00000000
Netmask: 255.255.255.0 = 24 11111111.11111111.11111111. 00000000
Wildcard: 0.0.0.255 00000000.00000000.00000000. 11111111
=>
Network: 192.168.26.0/24 11000000.10101000.00011010. 00000000
HostMin: 192.168.26.1 11000000.10101000.00011010. 00000001
HostMax: 192.168.26.254 11000000.10101000.00011010. 11111110
Broadcast: 192.168.26.255 11000000.10101000.00011010. 11111111
Hosts/Net: 254 Class C, Private Internet

1. Requested size: 6 hosts
Netmask: 255.255.255.248 = 29 11111111.11111111.11111111.11111 000
Network: 192.168.26.0/29 11000000.10101000.00011010.00000 000
HostMin: 192.168.26.1 11000000.10101000.00011010.00000 001
HostMax: 192.168.26.6 11000000.10101000.00011010.00000 110
Broadcast: 192.168.26.7 11000000.10101000.00011010.00000 111
Hosts/Net: 6 Class C, Private Internet


E o firewall ficou assim:


#!/bin/sh

ipfw -f flush

ipfw add 01 divert 8668 ip from any to any via sis0
ipfw add 02 deny tcp from any to any 3128 via sis0
ipfw add 101 allow tcp from 192.168.26.0/24 to 192.168.26.254 3128 via
rl0
ipfw add 102 allow tcp from 192.168.26.0/29 to any 80 via rl0 setup
keep-state
ipfw add 103 deny tcp from 192.168.26.0/24 to any 80 via rl0 setup
keep-state
ipfw add 300 allow ip from any to any


Valeu pela ajuda!

Daniel

> ent�o so usando o ipcalc e vendo se tem alguma possibilidade de escrever
> tipo 192.168.26.1/26 , sen�o � regra por regra acho que 1-6 num rola ,
> s� testando pra ver
>
>
>
> On Thu, 2005-03-10 at 13:15, Daniel Angelini Toledo wrote:
> > Desculpe, esqueci de mencionar. � ipfw vers�o 1.
> >
> > > man ipfw
> > >
> > >
> > > If you administer one or more subnets, you can take advantage of the
> > > ipfw2 syntax to specify address sets and or-blocks and write
> > > extremely
> > > compact rulesets which selectively enable services to blocks of
> > > clients,
> > > as below:
> > >
> > > goodguys="{ 10.1.2.0/24{20,35,66,18} or 10.2.3.0/28{6,3,11}
> > > }"
> > > badguys="10.1.2.0/24{8,38,60}"
> > >
> > > ipfw add allow ip from ${goodguys} to any
> > > ipfw add deny ip from ${badguys} to any
> > > ... normal policies ...
> > >
> > > Marcelo
> > >

Nenhum comentário:

Postar um comentário