Let's say I have a subnet defined as 10.223.105.0/24 and that I want to discard any message originating from addresses 10.223.105.17 through 10.223.105.123.
How can I do that?
Documentation shows that operators <, <=, > and >= can be used with single-number values like frame.len but how can it be used with IP Addresses? Can they directly handle a IP Address in the 10.223.105.22 format? Do we have to use the numerical value of the IP Address and compare it to a 32-bit number? If so, how should every field of the IP Address be mapped into that 32-bit number?
