Re: iptables for 1 interface pc and other questions
On zo, 2003-01-19 at 22:48, Benedict Verheyen wrote:
> RESERVED_NET="
> 0.0.0.0/8 1.0.0.0/8 2.0.0.0/8 \
> 5.0.0.0/8 \
> 7.0.0.0/8 \
> 23.0.0.0/8 \
> 27.0.0.0/8 \
> 31.0.0.0/8 \
> 36.0.0.0/8 37.0.0.0/8 \
> 39.0.0.0/8 \
> 41.0.0.0/8 42.0.0.0/8 \
> 58.0.0.0/8 59.0.0.0/8 60.0.0.0/8 \
> 69.0.0.0/8 70.0.0.0/8 71.0.0.0/8 72.0.0.0/8 73.0.0.0/8 \
> 74.0.0.0/8 75.0.0.0/8 76.0.0.0/8 77.0.0.0/8 78.0.0.0/8 79.0.0.0/8 \
> 82.0.0.0/8 83.0.0.0/8 84.0.0.0/8 85.0.0.0/8 86.0.0.0/8 87.0.0.0/8 \
> 88.0.0.0/8 89.0.0.0/8 90.0.0.0/8 91.0.0.0/8 92.0.0.0/8 93.0.0.0/8 94.0.0.0/8 \
> 95.0.0.0/8 96.0.0.0/8 97.0.0.0/8 98.0.0.0/8 99.0.0.0/8 100.0.0.0/8 101.0.0.0/8 \
> 102.0.0.0/8 103.0.0.0/8 104.0.0.0/8 105.0.0.0/8 106.0.0.0/8 107.0.0.0/8 \
> 108.0.0.0/8 109.0.0.0/8 110.0.0.0/8 111.0.0.0/8 112.0.0.0/8 113.0.0.0/8 \
> 114.0.0.0/8 115.0.0.0/8 116.0.0.0/8 117.0.0.0/8 118.0.0.0/8 119.0.0.0/8 \
> 120.0.0.0/8 121.0.0.0/8 122.0.0.0/8 123.0.0.0/8 124.0.0.0/8 125.0.0.0/8 \
> 126.0.0.0/8 127.0.0.0/8 \
> 197.0.0.0/8 \
> 219.0.0.0/8 220.0.0.0/8 221.0.0.0/8 222.0.0.0/8 223.0.0.0/8 \
> 224.0.0.0/8 225.0.0.0/8 226.0.0.0/8 227.0.0.0/8 228.0.0.0/8 229.0.0.0/8 \
> 230.0.0.0/8 231.0.0.0/8 232.0.0.0/8 233.0.0.0/8 234.0.0.0/8 235.0.0.0/8 \
> 236.0.0.0/8 237.0.0.0/8 238.0.0.0/8 239.0.0.0/8 \
> 240.0.0.0/8 241.0.0.0/8 242.0.0.0/8 243.0.0.0/8 244.0.0.0/8 245.0.0.0/8 \
> 246.0.0.0/8 247.0.0.0/8 248.0.0.0/8 249.0.0.0/8 250.0.0.0/8 251.0.0.0/8 \
> 252.0.0.0/8 253.0.0.0/8 254.0.0.0/8 255.0.0.0/8"
Before you set up such a firewall, please make sure you do not block
valid ip networks only because you think they are invalid. See
http://www.cymru.com/Bogons/ for a very good and up-to-date list of
bogon networks. And consider subscribing to a list like
bogon-announce@puck.nether.net that helps you to keep your firewall
up-to-date whenever IANA assigns a new range.
--
Tot ziens,
Bart-Jan Vrielink
Reply to: