can't you just do 100.100.100.
Ken > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Behalf Of Matt > Zagrabelny > Sent: 29 March 2006 5:41pm > To: debian-user@lists.debian.org > Subject: Re: hosts.deny > > > On Wed, 2006-03-29 at 09:05 -0600, Jack Hale wrote: > > I am trying to block a whole subnet. (example > > 100.100.100.0-100.100.100.255). > > in my /etc/hosts.deny file I have placed this as > > 100.100.100.0/100.100.100.255. > > Is this the correct way to do this? I am using Shorewall for the > > firewall. I am new to this. Sorry for the stupidity. > > Jack > > > hosts (allow|deny) are more of a layer7 packet filter. that > is, it is at > the application level. > > firewalls filter at layers 2 and 3 of the OSI model. > > > both methods work for restricting access to stuff, but they are > different, and that is important to understand. > > -matt zagrabelny > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact > [EMAIL PROTECTED] > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
