Time for action – using a range of IP addresses to build ACL lists
Now, let's say in a company, the marketing department is spread over five floors. We have used a convention 10.1.FLOOR_NUM.MACHINE_NUM to assign IP addresses to each machine on every floor. The floor number starts from two and goes up to six. So, we basically have the following subnets.
10.1.2.0/24 # 2nd Floor
10.1.3.0/24 # 3rd Floor
10.1.4.0/24 # 4th Floor
10.1.5.0/24 # 5th Floor
10.1.6.0/24 # 6th Floor
A simple way to identify all these client computers is defined in the following ACL:
acl mkt_dept src 10.1.2.0/24 10.1.3.0/24 10.1.4.0/24 10.1.5.0/24 10.1.6.0/24
The previous method is a bit cluttered and long-winded. Squid provides a simpler way to specify multiple addresses. The following is an example of this:
acl mkt_dept src 10.1.2.0-10.1.6.0/24
The preceding ACL defining mkt_dept is simply a shortened version of the following:
acl mkt_dept src 10.1.2.0/24
acl mkt_dept src 10.1.3.0/24
acl mkt_dept src 10.1.4.0/24
acl mkt_dept...
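Because a range hides the individual subnets, it is worth checking what a range ACL actually covers before deploying it. The following Python sketch is an added example, not code from the book or from Squid; the function names are hypothetical, and the matching rule (mask the client address, then compare it against the range bounds) is an assumption chosen to agree with the expansion shown above. It handles IPv4 only.

```python
import ipaddress

# Approved floor subnets from the text above (2nd to 6th floor).
MKT_FLOORS = [ipaddress.IPv4Network(f"10.1.{n}.0/24") for n in range(2, 7)]

def parse_range(spec):
    """Parse 'first-last/mask' into (low, high, netmask, prefixlen) as integers."""
    addrs, mask = spec.split("/")
    first, last = addrs.split("-")
    first_net = ipaddress.IPv4Network(f"{first}/{mask}", strict=False)
    last_net = ipaddress.IPv4Network(f"{last}/{mask}", strict=False)
    lo, hi = int(first_net.network_address), int(last_net.network_address)
    if lo > hi:
        raise ValueError(f"range start is above range end: {spec}")
    return lo, hi, int(first_net.netmask), first_net.prefixlen

def expand(spec):
    """List every subnet the range covers, one per mask-sized step."""
    lo, hi, _, plen = parse_range(spec)
    step = 1 << (32 - plen)
    return [ipaddress.IPv4Network((a, plen)) for a in range(lo, hi + 1, step)]

def matches(spec, client):
    """True if the masked client address falls inside the range (assumed rule)."""
    lo, hi, mask, _ = parse_range(spec)
    return lo <= (int(ipaddress.IPv4Address(client)) & mask) <= hi

def unexpected(spec, approved):
    """Subnets the range admits that are not on the approved list."""
    return [net for net in expand(spec) if net not in approved]

if __name__ == "__main__":
    acl = "10.1.2.0-10.1.6.0/24"          # range from the text above
    for net in expand(acl):
        print("acl mkt_dept src", net)
    # Constructed typo: the upper bound is one floor too high.
    print("unexpected:", unexpected("10.1.2.0-10.1.7.0/24", MKT_FLOORS))
```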