Isn't it nicer to define the subnet as: 172.16.0.0 255.240.0.0 ??
-- N.J. Reuvers Schippers Consultancy B.V. Oude Boteringestraat 71 P.O. Box 11.002 9700 CA Groningen The Netherlands Phone: +31 50 316 81 30 Fax: +31 50 589 04 87 E-mail: [EMAIL PROTECTED] -----Original Message----- From: Mailing list for discussion of Firewall-1 [mailto:[EMAIL PROTECTED]]On Behalf Of Stefan Funk Sent: woensdag 29 januari 2003 8:23 To: [EMAIL PROTECTED] Subject: [FW-1] Subnet Mask question Hi Guys (NG FP2 on SUN Solaris) I'm working on our "Anti-Spoofing" rules to protect the ethernet ports. Now I whould like to ALLOW the IP addresses 172.0.0.0 to 172.255.255.255 to "show" up on one ethernet port. I defined a Net-172-0-0-0 with (see below) Network Address: 172.0.0.0 Net Mask: 255.0.0.0 This is working well, as far as I can see that.... Now the question: Is there a problem with my definitions, to have a class B address with a class A subnet mask? If this is a problem, is there a other solution for my "spoofing" rule? I don't like to define all 172.x.x.x networks by hand, this will be to much, beside of maintaining it all the time.... TIA Regards Stefan Firewall Admin *****Disclaimer***** This message is for the addressee only and may contain confidential or privileged information. You must delete and not use it if you are not the intended recipient. It may not be secure or error-free. All e-mail communications to and from the Julius Baer Group may be monitored. Processing of incoming e-mails cannot be guaranteed. Any views expressed in this message are those of the individual sender. This message is for information purposes only. All liability of the Julius Baer Group and its entities for any damages resulting from e-mail use is excluded. US persons are kindly requested to read the important legal information presented after clicking here: http://www.juliusbaer.com/maildisclaimer *****Disclaimer***** This message is for the addressee only and may contain confidential or privileged information. You must delete and not use it if you are not the intended recipient. It may not be secure or error-free. All e-mail communications to and from the Julius Baer Group may be monitored. Processing of incoming e-mails cannot be guaranteed. Any views expressed in this message are those of the individual sender. This message is for information purposes only. All liability of the Julius Baer Group and its entities for any damages resulting from e-mail use is excluded. US persons are kindly requested to read the important legal information presented after clicking here: http://www.juliusbaer.com/maildisclaimer ================================================= To set vacation, Out Of Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= ================================================= To set vacation, Out Of Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
