[Dshield] Another simple question...

John Groseclose iain at caradoc.org
Sun Oct 28 17:27:56 GMT 2001

At 4:46 PM -0700 10/27/01, Josh Tolley wrote:
>What does the /8, /12, etc. below mean?  I assume subnet, but having
>only used 4 octet notation for subnets, I don't know how to translate
>Josh Tolley
>The reserved-for-private-use netblocks should be blocked in *both
>directions* (in and out, source and destination) at your boundary:

The /12, /24 are the "masks" for CIDR notation.

Good URLs:

http://www2.nolug.org:81/tcp-ip-class/x247.html - teaches CIDR notation
http://logi.cc/nw/NetCalc.php3 - calculates the IP range for you

Using the latter URL, here are two translations for two examples you gave:

User input = ""

NetCalc V1.1a
HostAddr            00001010.00000000.00000000.00000000  0x0A000000
NetMask           11111111.00000000.00000000.00000000  0xFF000000
NetAddr          00001010.00000000.00000000.00000000  0x0A000000
First Host            00001010.00000000.00000000.00000001  0x0A000001
Last Host      00001010.11111111.11111111.11111110  0x0AFFFFFE
Broadcast      00001010.11111111.11111111.11111111  0x0AFFFFFF
N Hosts    16777214         IN PTR         IN PTR

User input = ""

NetCalc V1.1a
HostAddr         11000000.10101000.00000000.00000000  0xC0A80000
NetMask       11111111.11111111.11111111.00000000  0xFFFFFF00
NetAddr      11000000.10101000.00000000.00000000  0xC0A80000
First Host         11000000.10101000.00000000.00000001  0xC0A80001
Last Host       11000000.10101000.00000000.11111110  0xC0A800FE
Broadcast       11000000.10101000.00000000.11111111  0xC0A800FF
N Hosts    254      IN PTR      IN PTR

To greatly oversimply, the / number can be divided by eight, and then 
you can ignore the numbers in those first octets.

Example: - divide 24 by 8 to get 3, so you ignore the 
first three octets, leaving 192.168.0.(0-254).

Example: - divide 8 by 8 to get 1, so you ignore the first 
octet, leaving 10.(0-254).(0-254).(0-254).

CIDR notation is very flexible once you understand that the / can be 
followed by any number that masks the correct bits to get the desired 


User input = " -"

NetCalc V1.1a
Address1        01000000.01010001.00010011.11010000  0x405113D0
Address2        01000000.01010001.00010011.11010011  0x405113D3
NetMask     11111111.11111111.11111111.11111100  0xFFFFFFFC
NetAddr     01000000.01010001.00010011.11010000  0x405113D0
First Host        01000000.01010001.00010011.11010001  0x405113D1
Last Host        01000000.01010001.00010011.11010010  0x405113D2
Broadcast        01000000.01010001.00010011.11010011  0x405113D3
N Hosts    2     IN PTR     IN PTR

See how it works?
John Groseclose
iain at caradoc.org

More information about the list mailing list