[Firehol-support] FireQOS: Match to IP range

Tsaousis, Costa costa at tsaousis.gr
Thu Aug 27 10:25:30 BST 2015

Hi Brian,

You are right. I have done nothing for IP ranges.

However, since the config is a BASH script, you have many alternatives:

1) use a loop:

for x in {50..60}
   match src 10.10.10.$x

The above is not optimal though. If you give it 200 IPs, it will
produce 200 matches.

2) use iprange - the optimal way

If you have the latest version of firehol, there is a tool called
iprange in the contrib directory. Install it (cd contrib; make

then you can do this:

match4 src "$(echo " -" | iprange)"

This will produce only 4 matches for:


On Thu, Aug 27, 2015 at 8:03 AM, Brian Lusk <brianjlusk at yahoo.com> wrote:
> I've been working with FireQOS for about 2 weeks now, and while I've figured out most of the basics, one thing I haven't figured out yet... how to match for a range of IP addresses.  Not a subnet, mind, a range of IP's, say from -  While I could match on each IP address in the range with the following:
> match4 src src src
> I'd much rather have an elegant way to do it, like "match4 src".  I haven't figured out a way to do it yet.  Is there an easy method to match in the QoS rules on a range of IPs that aren't necessarily a subnet?
> Thanks!Brian
> _______________________________________________
> Firehol-support mailing list
> Firehol-support at lists.firehol.org
> http://lists.firehol.org/mailman/listinfo/firehol-support

More information about the Firehol-support mailing list