trying to block the range of hosts from 150 to 250 is not a simple task and requires a combination of statements with different masks to include that specific range. It works out like this:
deny 10.8.19.150 0.0.0.1
deny 10.8.19.152 0.0.0.7
deny 10.8.19.160 0.0.0.31
deny 10.8.19.192 0.0.0.31
deny 10.8.19.224 0.0.0.15
deny 10.8.19.240 0.0.0.7
deny 10.8.19.248 0.0.0.1
deny 10.8.19.250 0.0.0.0
This will cover exactly the range from 150 to 250.
I'm glad we used the same maths. It would have been pretty embarassing otherwise ;-)
If you only want to deny access to hosts between 10.8.19.150 to 250 inclusively and nothing else then this cannot be done with one statement, you could use something like this:
access-list 1 deny 10.8.19.150 0.0.0.1
access-list 1 deny 10.8.19.152 0.0.0.7
access-list 1 deny 10.8.19.160 0.0.0.31
access-list 1 deny 10.8.19.192 0.0.0.31
access-list 1 deny 10.8.19.224 0.0.0.15
access-list 1 deny 10.8.19.240 0.0.0.7
access-list 1 deny 10.8.19.248 0.0.0.1
access-list 1 deny 10.8.19.250 0.0.0.0
access-list 1 permit any
Hope this helps,
The 0.0.0.100 doesn't mean the next 100 hosts.
Access-lists use a reverse bit mask (wildcard mask) to determine the address range. A reverse bit mask is a binary mask where one values mean "do not care".
So for instance, 10.8.19.0 0.0.0.255 represents the range 10.8.19.0 to 10.8.19.255 as we do not care what is the value of the last octect.
10.8.19.150 0.0.0.1 represente range 10.8.19.150 to 10.8.19.151 as we do not care about the last bit in this example.
Hope this helps,
Your question implies that the mask is a count of how many addresses to apply to. But that is not how the mask works. In access list masks the numbers given are converted into binary and each digit where there is a binary zero is a bit that must match in the address. So the mask of 0.0.0.100 would not match from 150 to 250.
Have a look at this ACL wild card mask tutorial and see if it makes sense.
After reading this if you still have any further questions just give us a shout.