Netblocks to filter, was: Re: [fw-wiz] Protecting a datacentre
with a firewall
Tom Samplonius
tom at sdf.com
Sun May 4 10:59:39 PDT 2003
On Sun, 4 May 2003, Chuck Swiger wrote:
> I'd dug up some information about invalid IP network blocks to filter
> from a discussion on the firewall-wizards mailing list, and converted it
> to a set of IPFW(2) rules:
...
Be careful with this stuff though. While some blocks like 10/8 are
obviously dedicated for internal use, some blocks are merely "reserved".
The reserved blocks will be assigned to regional registries at some point.
For instance, 173/8 will be used some day, probably by end of next year.
Just recently a new block was assinged to a regional registry, which
began assigning networks to ISPs. The problem is that many sites have
filters blocking this IP block. That means the ISPs are faced with lots
of strange connectivity problems when using those IPs.
Tom
More information about the freebsd-isp
mailing list