[ previous ] [ next ] [ threads ]
 From:  Max Khitrov <mkhitrov at umd dot edu>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Beta 1.2b3
 Date:  Sun, 05 Dec 2004 14:22:30 -0500
Jürgen Möllenhoff wrote:

> I have a feature request for the rules :), it would be nice if I could 
> use IP-Ranges e.g. (would apply to 3 IPs) or 
> something like,, (would apply for 
> the 3 IPs .4,.8,.12). In the moment I can only add a single IP or a 
> whole network (segment) but for a small network with not so many 
> (public) IPs the network segments waste a lot of IPs, of course if I 
> use a private network I can waste IPs as much as I like :) but I don't 
> have this advantage with public IPs and one of the major advantages 
> (for me) of m0n0wall is that I can use public IPs and that I'm not 
> limited to private IPs.

Well it looks like I'm not alone :) This was requested a while back, and 
unfortunately it turned out that because the software that was used for 
these rules doesn't support ranges, neither does the m0n0wall. I made a 
suggestion on how to overcome this, but it was more of a hack then a 
good solution. For me, I was trying to block some IPs from using the 
m0n0wall as their gateway, but instead what I ended up doing is setting 
up a base rule that any IP is blocked by default and then set up 
individual rules above it for any computer that should be allowed to go 
through. It works, but I agree that IP range feature is something that 
could be very useful in other situations. Would it be possible to modify 
the code of the software that handles this task and put in our own 
support for ip ranges? Iím not familiar with it, so canít say.