[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: iptables for 1 interface pc and other questions

Op ma 20-01-2003, om 18:42 schreef Nathan E Norman:
> On Sun, Jan 19, 2003 at 11:27:04PM +0100, Bart-Jan Vrielink wrote:
> > On zo, 2003-01-19 at 22:48, Benedict Verheyen wrote:
> > 
> > > RESERVED_NET="
>  
> [ snip ]
> 
> > >         69.0.0.0/8 70.0.0.0/8 71.0.0.0/8 72.0.0.0/8 73.0.0.0/8 \
> 
> [ snip ]
>  
> > Before you set up such a firewall, please make sure you do not block
> > valid ip networks only because you think they are invalid. See
> > http://www.cymru.com/Bogons/ for a very good and up-to-date list of
> > bogon networks. And consider subscribing to a list like
> > bogon-announce@puck.nether.net that helps you to keep your firewall
> > up-to-date whenever IANA assigns a new range.
> 
> Good advice.  For example, blocking 69/8 is certainly wrong ... it was
> recently allocated.  There's been lengthy discussion on NANOG
> (atleast) on what to do about people who are erroneously filtering
> traffic to/from 69/8 ...
> 
> -- 
> Nathan Norman - Incanus Networking mailto:nnorman@incanus.net
>   No.
>   > Should I include quotations after my reply?

I didn't know of the existance of this Bogons page. I'm going to
suscribe to the list.
I had a look at the page and it has a part that says:
Dotted Decimal Non-aggregated in the Bogon Dotted Decimal 
List v1.6 23 NOV 2002. Are these the ones that should be DROPped?

------ 
Benedict Verheyen 
Linux 2.4.20 AMD Athlon(tm) Processor AuthenticAMD GNU/Linux
Reply to: