there is a mistake in ipfw docs on your site

Matt Emmerton matt at gsicomp.on.ca
Fri Mar 13 03:04:54 UTC 2015 

-----Original Message-----
From: owner-freebsd-questions at freebsd.org
[mailto:owner-freebsd-questions at freebsd.org] On Behalf Of ??????? ????
Sent: Thursday, March 12, 2015 10:17 PM
To: freebsd-questions at FreeBSD.org
Subject: there is a mistake in ipfw docs on your site

hello
talking about this page: 
https://www.freebsd.org/doc/en/books/handbook/firewalls-ipfw.html
there's RFC (http://www.rfc-editor.org/rfc/rfc5735.txt), which says:

4.  Summary Table

Address Block       Present Use                Reference
------------------------------------------------------------------
0.0.0.0/8           "This" Network             RFC 1122, Section 3.2.1.3
10.0.0.0/8          Private-Use Networks       RFC 1918
127.0.0.0/8         Loopback                   RFC 1122, Section 3.2.1.3
169.254.0.0/16      Link Local                 RFC 3927
172.16.0.0/12       Private-Use Networks       RFC 1918
192.0.0.0/24        IETF Protocol Assignments  RFC 5736
192.0.2.0/24        TEST-NET-1                 RFC 5737
192.88.99.0/24      6to4 Relay Anycast         RFC 3068
192.168.0.0/16      Private-Use Networks       RFC 1918
198.18.0.0/15       Network Interconnect
                     Device Benchmark Testing   RFC 2544
198.51.100.0/24     TEST-NET-2                 RFC 5737
203.0.113.0/24      TEST-NET-3                 RFC 5737
224.0.0.0/4         Multicast                  RFC 3171
240.0.0.0/4         Reserved for Future Use    RFC 1112, Section 4
255.255.255.255/32  Limited Broadcast          RFC 919, Section 7
                                                RFC 922, Section 7
-------------

BUT
your page says:

"
$cmd 00307 deny all from 204.152.64.0/23 to any in via $pif    #Sun 
cluster interconnect
$cmd 00308 deny all from 224.0.0.0/3 to any in via $pif #Class D & E
multicast "

but i see there's no 204.152.64.0 in RFC and there's block /4 not /3

please tell me what i don't understand?

-----Reply -----------------------------------------------------------------

>> please tell me what i don't understand?

CIDR addressing.

224.0.0.0/4 ==> 4 bits of network (1110) with 28 bits of mask
240.0.0.0/4 ==> 4 bits of network (1111) with 28 bits of mask

These two adjacent netblocks can be represented by a single netblock for
simplicity.

224.0.0.0/3 ==> 3 bits of network (111) with 29 bits of mask

Matt
_______________________________________________
freebsd-questions at freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"

More information about the freebsd-questions mailing list