Version 4.0| Version 4.0 |
User's Guide |
4. Configuring NetProxy Services
4.16. Using Slash Notation to Configure Mapped Ports and Firewall Rules
NetProxy uses "slash notation" to define which individual computers, or groups of computers, are covered by firewall rules and port mapping exceptions. IP addresses written in slash notation look like this:-
192.168.1.0/24
192.168.1.23/32
195.153.161.128/25
To the left of the "slash" character (/) is the IP address or network address being referred to. To the right of the "slash" character is a number that specifies the number of significant "bits" in the address.
IP addresses are 32 bit numbers consisting of four eight bit numbers separated by periods (.). Therefore, the number following the slash character must be between 1 and 32.
Here are some examples of common slash-notated addresses, with their meanings:-
| Address | Meaning | |
| 192.168.14.12/32 | Refers to the single computer with the IP address "192.168.14.12". The /32 tells us that all 32 bits of the address are relevant. | |
| 192.168.14.0/24 | Refers to a group of computers with addresses ranging from 192.168.14.0 to 192.168.14.255. The /24 tells us that the first 24 bits (i.e. the first three numbers in the dotted quad) are relevant. | |
| 192.168.17.128/25 | Refers to a group of computers with addresses ranging from 192.168.17.128 to 192.168.17.255. The /25 tells us that the first 25 bits of the address are relevant. |
Why does NetProxy use slash notation? Wasn't the "192.168.14.*" style of notation used by NetProxy 2.0 easier to understand?
The pattern matching used in NetProxy 2.0 may have been more intuitive for people used to using MS-DOS wildcards, but it is a fundamentally flawed and inflexible method of matching IP addresses. As an example, slash notation allows us to use "192.168.1.192/27" to refer to computers with the IP addresses 192.168.1.192 to 192.168.1.223. There is no simple way to do this using the pattern matching in NetProxy 2.0, separate rules would have to be generated for each of the 32 IP addresses.
Slash notation is a widely used standard for referring to IP subnets. It is used by most modern TCP/IP software.