Home » CompTIA » LX0-102 » What network and netmask pair can be used in /etc/hosts.allow?
To allow IPs from network 111.222.55.0 and 111.222.56.0 networks in TCP wrappers, what network and netmask pair can be used in /etc/hosts.allow?
Correct Answer: 111.222.55.0/255.255.240.0
Explanation/Reference:
111.222.55.0 = 01101111.11011110.00110111.00000000
111.222.56.0 = 01101111.11011110.00111000.00000000
The common part of both networks is /20 which translates to 255.255.240.0
If you use a more restrictive netmask (like /21, /22, …) you won’t be able to get both nets with one network and netmask pair.
From the man pages:
An expression of the form ‘n.n.n.n/m.m.m.m’ is interpreted as a ‘net/mask’ pair. An IPv4 host address is matched if ‘net’ is equal to the bitwise AND of the address and the ‘mask’. For example, the net/mask pattern ‘131.155.72.0/255.255.254.0’ matches every address in the range ‘131.155.72.0’ through ‘131.155.73.255’. ‘255.255.255.255’ is not a valid mask value, so a single host can be matched just by its IP.