The numbers after the slash in an IP address indicate where the address into
network and host parts. It's called the subnet mask, and is also represented
in the form of a dotted decimal ip address with zeroes in the host part.


What does the /8, /12, etc. below mean?  I assume subnet, but having
only used 4 octet notation for subnets, I don't know how to translate

The reserved-for-private-use netblocks should be blocked in *both
directions* (in and out, source and destination) at your boundary:

