You mean something like that:
Deny from 211.232.0.0/13
?

let's see:

192.168.0.0/24 means 192.168.0.0-192.168.0.255

192.168.0.0/25 means 192.168.0.0-192.168.0.127
192.168.0.128/25 means 192.168.0.128-192.168.0.255

192.168.0.0/26 means 192.168.0.0-192.168.0.63
192.168.0.64/26 means 192.168.0.64-192.168.0.127
192.168.0.128/26 means 192.168.0.128-192.168.0.195
192.168.0.196/26 means 192.168.0.196-192.168.0.255

an so on... Do you see the pattern now? You can calculate this without any tool...

32-X=Y
2^Y=Z
so the range /X contains Z IP numbers (if X=26 then Z=64)

in the other way:
211.232.0.0-211.255.255.255
first numers are equal, so let's add to memory 8
between 232 and 255 are 32 numbers
32=2^5
8(from memory)+5=13, so 211.232.0.0/13

I wish this was helpful.

Alas it was not;~/ At least I don't think it was helpful, I was thinking of something along the lines:-

# unconditionally block IP range 211.232.0.0 - 211.255.255.255
RewriteCond %{REMOTE_ADDR} ^211\.23(2-0)\.(0-9)\.foo.bah])$
RewriteRule .* - [F,L]

...and, yes, my attempt with the numerical translation is wrong already.

best wishes, Robert

Webmaster:
I'm just in the middle of installing TMDA on my email server and so sincere apologies if anything untoward has or is bouncing back to you. It's a wonderful world in which we live isn't it!? Every knock on the virtual door is always such a kind, happy, smiling face waiting to share something nice with you...

icpix,

Welcome to WebmasterWorld [webmasterworld.com]!

I'm not aware of any tool, but here's an example for your 211.232.0.0-211.255.255.255 range:

RewriteCond %{REMOTE_ADDR} ^211\.2(3[2-9]¦4[0-9]¦5[0-5])\.
RewriteRule .* - [F]

Remember that this is a string (character) comparison, and mod_rewrite has no idea that this is a numeric range. In this example the last two octets .0.0 - .255.255 are omitted in the pattern; Since they can vary across the entire valid range, there is no benefit to testing them.

You could argue that there's no use in being too precise, since you can assume that the octets will only contain valid numbers. So you could use

RewriteCond %{REMOTE_ADDR} ^211\.2(3[2-9]¦[45][0-9])\.

to reduce complexity and save time.
Although this would match 211.232.x.x - 211.239.x.x or 211.240.x.x - 211.259.x.x, you'll never receive a number greater than 255, so it won't matter.

Jim

Jim

Kind of you, glad to be here.

Your example has greatly clarified my ground rules to format these strings. Thank you. My village's site and gallery will (metaphorically) sleep easier tonight;~)

I stumbled elsewhere on your ubiquitous tip that this forum's code switches the onscreen display of a full pipe for a broken pipe.

In my short history of getting to grips with .htaccess files I've learnt that, for once, over-precision is beneficial;~> IOW .htaccess is the single most importance thing that makes the internet anything like palatable. Any lesson learnt with .htaccess code must be one to value.

I think this was too easy for you Jim:-) I will return with something worthy of your expertise. Something that has troubled my gallery since, at least, the (UK) summer.

best wishes, Robert