there is a mistake in ipfw docs on your site

Glen Barber gjb at FreeBSD.org
Fri Mar 13 01:19:02 UTC 2015 

On Fri, Mar 13, 2015 at 04:03:00AM +0300, Алексей Прац wrote:
> hello
> talking about this page:
> https://www.freebsd.org/doc/en/books/handbook/firewalls-ipfw.html
> there's RFC (http://www.rfc-editor.org/rfc/rfc5735.txt), which says:
> 
> 4.  Summary Table
> 
> Address Block       Present Use                Reference
> ------------------------------------------------------------------
> 0.0.0.0/8           "This" Network             RFC 1122, Section 3.2.1.3
> 10.0.0.0/8          Private-Use Networks       RFC 1918
> 127.0.0.0/8         Loopback                   RFC 1122, Section 3.2.1.3
> 169.254.0.0/16      Link Local                 RFC 3927
> 172.16.0.0/12       Private-Use Networks       RFC 1918
> 192.0.0.0/24        IETF Protocol Assignments  RFC 5736
> 192.0.2.0/24        TEST-NET-1                 RFC 5737
> 192.88.99.0/24      6to4 Relay Anycast         RFC 3068
> 192.168.0.0/16      Private-Use Networks       RFC 1918
> 198.18.0.0/15       Network Interconnect
>                     Device Benchmark Testing   RFC 2544
> 198.51.100.0/24     TEST-NET-2                 RFC 5737
> 203.0.113.0/24      TEST-NET-3                 RFC 5737
> 224.0.0.0/4         Multicast                  RFC 3171
> 240.0.0.0/4         Reserved for Future Use    RFC 1112, Section 4
> 255.255.255.255/32  Limited Broadcast          RFC 919, Section 7
>                                                RFC 922, Section 7
> -------------
> 
> BUT
> your page says:
> 
> $cmd 00307 deny all from 204.152.64.0/23 to any in via $pif    #Sun cluster interconnect
> $cmd 00308 deny all from 224.0.0.0/3 to any in via $pif        #Class D & E multicast
> 
> there's no 204.152.64.0 in RFC and there's mask /4 not /3
> 
> please tell me what i don't understand?
> 

Please clarify which address block you are referencing.  You quoted:
224.0.0.0/3 and 204.152.64.0/23, but the former has a '/3' (not '/4'),
and the latter has '/23'.

I suspect you are referencing 224.0.0.0/3, but you also do not specify
the RFC either, so I do not want to make assumptions here.

Glen

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/freebsd-doc/attachments/20150313/3821fdeb/attachment.sig>

More information about the freebsd-doc mailing list