Help:Bloqueos de rango de IP

Jump to: navigation, search
This page is a translated version of the page Help:Range blocks and the translation is 24% complete.

Other languages:
English • ‎español • ‎français • ‎Bahasa Indonesia • ‎italiano • ‎日本語 • ‎한국어 • ‎polski • ‎português • ‎português do Brasil • ‎русский • ‎中文
PD Nota: Al editar esta página, aceptas liberar tu contribución bajo la licencia CC0. Mira las páginas de ayuda sobre dominio público para más información.
See /IPv6 for information on IPv6 range blocks.

Range blocks are technical restrictions applied through Special:Block to a group of IP addresses that prevent them from editing, creating new accounts, sending email through the wiki interface, etc. If you check the box "Impedir que los usuarios identificados editen desde esta dirección IP", edits from registered accounts will also be disabled while they are connecting from the blocked range.

Range blocking is enabled and used on all Wikimedia wikis; if it is not enabled on your wiki, add "$wgSysopRangeBansManual:$wgSysopRangeBans = true;" in LocalSettings.phpManual:LocalSettings.php (permanently enabled in MediaWiki 1.18.0 and later).

To block an IP range from Special:Block, enter the first IP address in the range followed by a forward slash and a Classless inter-domain routing (CIDR) suffix. You should avoid performing range blocks unless you understand what you are doing, or you may end up blocking tens of thousands or even millions of people who are not the problem!

This article mainly discusses IPv4; IPv6 blocks work similarly, but have different implications - see /IPv6.

Non-technical explanation[edit]

IP addresses are broken up into blocks of numbers. An example of this would be through to Once it reaches 255 the next number is

IP addresses can be broken up in to smaller or larger blocks. The smallest practical block is a block of 4. This could be one of the following: -, -, -, ...

Of each block of 4 numbers, only two can be assigned to a computer. The first and last numbers of any block are reserved for network communication. These are level 30 blocks and can be expressed like this:,,, ...

The next largest block is 8. They can be as follows: -, -, -, ...

In this block of 8 numbers only 6 can be assigned to a computer as, once again, the first and last numbers in a block are reserved for specific uses in network communication. Esto también se puede expresar como sigue:,,, ...

From this point on, the number of IP addresses in a block continues to double: 16, 32, 64, 128, 256, etc.

A block of 16 would start
A block of 32 would start
A block of 64 would start
A block of 128 would start
A block of 256 would start

So if you have an IP address and you want to block the range assigned how do you know which one to use? Let's say you have a problem with You can lookup who has this IP address at Say this tells us that this IP address is assigned, along with a LOT of others in a /17 range, to the Department of Defense. We certainly don't want to block a large block of the DoD! The rule of thumb is block as little as possible. Only block a range if there is a cluster of IP addresses giving a problem.

There's a calculator that is very useful for this:

Go to this site and enter into the first set of blanks. Now select Network Prefix Length and enter 27 (this will give a block of 32 addresses) and click Calculate Network Information. This will show us a block of 32 IP addresses that include (The first - network - and the last - broadcast - addresses will be displayed along with the usable addresses in the range.) You can use this tool to test ranges to be sure they are what you want before entering the information to initiate the block.

Explicación técnica[edit]

CIDR notation is written as the IP address, a slash, and the CIDR suffix (for example, the IPv4 "" or IPv6 "a3:bc00::/24"). The CIDR suffix is the number of starting digits every IP address in the range have in common when written in binary.

For example: "" is binary "00001010.00001010.00000001.00100000", so will match the first 27 digits ("00001010.00001010.00000001.00100000"). The IP addresses, when converted to binary, all have the same 27 first digits and will be blocked if is blocked.

As the CIDR suffix increases, the block affects fewer IP addresses (see table of sample ranges). CIDR suffixes are not the same for IPv4 addresses as they are for IPv6 addresses; the same CIDR suffix in IPv4 blocks =79,228,162,514,264,337,593,543,950,336 times as many addresses in IPv6.

Calculating the CIDR suffix[edit]

You can use the table of sample ranges below to guess the range, use a computer script, or manually calculate the range.

Conversión a binario[edit]

The first step in manually calculating a range is to convert the first and last IP address to binary representation. (This assumes you're not using a computer script, which can probably calculate the range for you anyway.) An IP address is composed of four groups of eight ones and zeros. Each group represents a number from 0 to 255. To convert a number to binary, you can use a reference table or know the value of each binary digit:

Dígito binario:   1   1   1   1   1   1   1   1
Valor: 128  64  32  16   8   4   2   1

Proceeding from left to right, fill in 1 if the number is at least that value, and subtract that value (if it's not, fill in 0 and don't subtract). For example, to calculate 240:

  1. 240 is at least 128, so place 1 and subtract 128.
  2. 112 (240-128) is at least 64, so place 1 and subtract 64.
  3. 48 (112-64) is at least 32, so place 1 and subtract 32.
  4. 16 (48-32) is at least 16, so place 1 and subtract 16.
  5. Since the remaining value is zero, all the remaining places are 0.

Thus, 240 is 1111 0000 because it can be represented as 128+64+32+16+0+0+0+0.

Calcular el rango[edit]

  1. Pon las dos direcciones IP una encima de la otra y comprueba cuántos de los dígitos iniciales coinciden. Este es el sufijo CIDR.
  2. ¡Compruébalo de nuevo! Un error de un dígito podría suponer extender el bloqueo a miles de direcciones.

A continuación, se muestra un ejemplo de cálculo del rango CIDR entre las IP y Nótese que este es un ejemplo sencillo. Algunos grupos de direcciones IP no se amoldan tan bien a los sufijos CIDR y requerirán de bloqueo de distintos tamaños para bloquear el rango exacto.

Direcciones IP:
Convertir a binario:
  0100 0101.1101 0000.0000 0000.0000 0000
  0100 0101.1101 0000.0000 0000.1111 1111
Cuenta los dígitos iniciales idénticos:
  0100 0101.1101 0000.0000 0000.0000 0000
  0100 0101.1101 0000.0000 0000.1111 1111
            24 dígitos
Rango CIDR:

Tabla de rangos de muestra[edit]

The table below shows the IPv4 blocks each CIDR suffix affects. Note that MediaWiki only supports blocking CIDR suffixes 16 - 32 in IPv4 and 19 (formerly 64) - 128 in IPv6 by default (subject to $wgBlockCIDRLimitManual:$wgBlockCIDRLimit). See /IPv6 for an IPv6 range table.

CIDR Start Range End Range Direcciones totales Bits selected in IP address 4,294,967,296 ********.********.********.******** 2,147,483,648 0*******.********.********.******** 268,435,456 0100****.********.********.******** 16,777,216 01000101.********.********.******** 2,097,152 01000101.110*****.********.******** 1,048,576 01000101.1101****.********.******** 524,288 01000101.11010***.********.******** 262,144 01000101.110100**.********.******** 131,072 01000101.1101000*.********.******** 65,536 01000101.11010000.********.******** 32,768 01000101.11010000.0*******.******** 16,384 01000101.11010000.00******.******** 8,192 01000101.11010000.000*****.******** 4,096 01000101.11010000.0000****.******** 2,048 01000101.11010000.00000***.******** 1,024 01000101.11010000.000000**.******** 512 01000101.11010000.0000000*.******** 256 01000101.11010000.00000000.******** 128 01000101.11010000.00000000.0******* 64 01000101.11010000.00000000.00****** 32 01000101.11010000.00000000.000***** 16 01000101.11010000.00000000.0000**** 8 01000101.11010000.00000000.00000*** 4 01000101.11010000.00000000.000000** 2 01000101.11010000.00000000.0000000* 1 01000101.11010000.00000000.00000000

Default limitation[edit]

The default MediaWiki installation limits range blocks to no larger than /16 IPv4 rangeblocks (65,536 addresses). To block larger ranges $wgBlockCIDRLimitManual:$wgBlockCIDRLimit needs to be set accordingly in LocalSettings.phpManual:LocalSettings.php.


Enlaces externos[edit]