Am 22. Aug, 2002 schwätzte technomage so:

> ok, I got most of the basics down.
> when i want to deny an ip or all of an ip block (last numbers only) I can do:
> iptables -A INPUT -s xxx.yyy.zzz.0/24 -j DROP
> and it takes care of the entire ip block.
>
> However, I want to block entire ranges hwere I have XX.YY.0.0 between
> xx.yy.0.0 and xx.yy.255.255. whats the netmask notation for this?

That's a slash-16, e.g. xx.yy.0.0/16.

Look for an explanation on using CIDR addresses. There should be several
explanations in HOWTOs on the LDP. Any book on networking published in the
last 5 years should also have info.

ciao,

der.hans
-- 
#  https://www.LuftHans.com/
#  "Science is like sex: sometimes something useful comes out, but
#  that is not the reason we are doing it." -- Richard Feynman