From nobody Sat Mar 05 21:19:52 2022
X-Original-To: dev-commits-src-main@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id A171B1A0D69C;
	Sat,  5 Mar 2022 21:20:01 +0000 (UTC)
	(envelope-from steffen@sdaoden.eu)
Received: from sdaoden.eu (sdaoden.eu [217.144.132.164])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mx1.freebsd.org (Postfix) with ESMTPS id 4K9yKr6SWWz4XbS;
	Sat,  5 Mar 2022 21:20:00 +0000 (UTC)
	(envelope-from steffen@sdaoden.eu)
Received: from kent.sdaoden.eu (kent.sdaoden.eu [192.0.2.2])
	by sdaoden.eu (Postfix) with ESMTPS id 5C05E16057;
	Sat,  5 Mar 2022 22:19:53 +0100 (CET)
Received: by kent.sdaoden.eu (Postfix, from userid 1000)
	id 0DB3C65FFD; Sat,  5 Mar 2022 22:19:52 +0100 (CET)
Date: Sat, 05 Mar 2022 22:19:52 +0100
Author: Steffen Nurpmeso <steffen@sdaoden.eu>
From: Steffen Nurpmeso <steffen@sdaoden.eu>
To: "Pedro F. Giffuni" <pfg@FreeBSD.org>
Cc: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-main@FreeBSD.org
Subject: Re: git: 455e0b9ba5dd - main - /etc/hosts: Wording changes
 to better match RFC 1918
Message-ID: <20220305211952.hdWAk%steffen@sdaoden.eu>
In-Reply-To: <202203052059.225KxqL3098920@gitrepo.freebsd.org>
References: <202203052059.225KxqL3098920@gitrepo.freebsd.org>
Mail-Followup-To: "Pedro F. Giffuni" <pfg@FreeBSD.org>,
 src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-main@FreeBSD.org
User-Agent: s-nail v14.9.23-243-g00c89d995b
OpenPGP: id=EE19E1C1F2F7054F8D3954D8308964B51883A0DD;
 url=https://ftp.sdaoden.eu/steffen.asc; preference=signencrypt
BlahBlahBlah: Any stupid boy can crush a beetle. But all the professors in
 the world can make no bugs.
X-Rspamd-Queue-Id: 4K9yKr6SWWz4XbS
X-Spamd-Bar: --
Authentication-Results: mx1.freebsd.org;
	dkim=none;
	dmarc=none;
	spf=pass (mx1.freebsd.org: domain of steffen@sdaoden.eu designates 217.144.132.164 as permitted sender) smtp.mailfrom=steffen@sdaoden.eu
X-Spamd-Result: default: False [-2.25 / 15.00];
	 ARC_NA(0.00)[];
	 NEURAL_HAM_MEDIUM(-0.97)[-0.969];
	 FROM_HAS_DN(0.00)[];
	 RCPT_COUNT_THREE(0.00)[4];
	 TO_MATCH_ENVRCPT_ALL(0.00)[];
	 R_SPF_ALLOW(-0.20)[+a];
	 MIME_GOOD(-0.10)[text/plain];
	 DMARC_NA(0.00)[sdaoden.eu];
	 NEURAL_HAM_LONG(-1.00)[-0.999];
	 TO_DN_SOME(0.00)[];
	 NEURAL_HAM_SHORT(-0.98)[-0.981];
	 MID_CONTAINS_FROM(1.00)[];
	 MLMMJ_DEST(0.00)[dev-commits-src-all,dev-commits-src-main];
	 FROM_EQ_ENVFROM(0.00)[];
	 R_DKIM_NA(0.00)[];
	 MIME_TRACE(0.00)[0:+];
	 ASN(0.00)[asn:15987, ipnet:217.144.128.0/20, country:DE];
	 RCVD_COUNT_TWO(0.00)[2];
	 RCVD_TLS_ALL(0.00)[];
	 RECEIVED_SPAMHAUS_PBL(0.00)[192.0.2.2:received]
X-ThisMailContainsUnwantedMimeParts: N
List-Id: Commit messages for the main branch of the src repository <dev-commits-src-main.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-main
List-Help: <mailto:dev-commits-src-main+help@freebsd.org>
List-Post: <mailto:dev-commits-src-main@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-main+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-main+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-main@freebsd.org
X-BeenThere: dev-commits-src-main@freebsd.org

Pedro F. Giffuni wrote in
 <202203052059.225KxqL3098920@gitrepo.freebsd.org>:
 |The branch main has been updated by pfg:
 |
 |URL: https://cgit.FreeBSD.org/src/commit/?id=455e0b9ba5dd44511849af7424c\
 |922c5c10cb2bd
 |
 |commit 455e0b9ba5dd44511849af7424c922c5c10cb2bd
 |Author:     Pedro F. Giffuni <pfg@FreeBSD.org>
 |AuthorDate: 2022-02-28 04:07:34 +0000
 |Commit:     Pedro F. Giffuni <pfg@FreeBSD.org>
 |CommitDate: 2022-03-05 21:00:59 +0000
 |
 |    /etc/hosts: Wording changes to better match RFC 1918
 ...
 |-# According to RFC 1918, you can use the following IP networks for
 |-# private nets which will never be connected to the Internet:
 |+# According to RFC 1918, you can use the following IP blocks for
 |+# private internets:
 | #
 |-#    10.0.0.0        -   10.255.255.255
 |-#    172.16.0.0      -   172.31.255.255
 |-#    192.168.0.0     -   192.168.255.255
 |+#    10.0.0.0        -   10.255.255.255      (10/8 prefix)
 |+#    172.16.0.0      -   172.31.255.255      (172.16/12 prefix)
 |+#    192.168.0.0     -   192.168.255.255     (192.168/16 prefix)
 | #
 |-# In case you want to be able to connect to the Internet, you need
 |+# In case you want to make addresses available on the Internet, you need
 | # real official assigned numbers.  Do not try to invent your own network
 | # numbers but instead get one from your network provider (if any) or
 | # from your regional registry (ARIN, APNIC, LACNIC, RIPE NCC, or AfriNIC.)

Let me be stupid one more time, as these IPs are used by public
WLANs and i did not use 127.0.0.0/8 (-loopback, stupid me)
i started to firewall-block the RFC 5737 TEST-NET-[123] on
ingress, and thus have 192.0.2.0/24, 198.51.100.0/24 and
203.0.113.0/24 guaranteed to be bite-free (and routable via VPN).

--steffen
|
|Der Kragenbaer,                The moon bear,
|der holt sich munter           he cheerfully and one by one
|einen nach dem anderen runter  wa.ks himself off
|(By Robert Gernhardt)