Peter,
What you're thinking of is maybe the smallest single netmask that
will include the set of netmasks on the command line? Or something more
complex?
Would the correct answer to the set you gave as an example be
211.0.0.0/8, or 211.40.48.5/255.41.117.77? The second might require some
explaining...
Some devices can support netmasks that are not all ones followed by
all zeros... (i.e. if you say 10.0.0.0/255.255.255.247, that is shorthand
for addresses 10.0.0.0 and 10.0.0.8, similarly 10.0.0.0/255.255.255.249 =>
{ 10.0.0.0, 10.0.0.2, 10.0.0.4, 10.0.0.6 }) But as of yet support for that
style, it is not common, and I haven't explored efficient means for netmask
to generate them. Also note that these types of netmasks can not be
expressed in the current form of CIDR notation (though CIDR could be
extended to handle it).
If that is unclear, play with these numbers a bit using netmask's
-b option to dump these number in binary. Remember though that currently
netmask will not support a mask of the more complex form I was talking
about, so list them as addresses see them in binary. I also doubt that
the tcpwrappers would support the complex netmasks (though they could
probably be convinced to add support if a tool like netmask made it easy to
generate them).
-Robert