ipfw and access-list
adrian kok
adriankok2000 at yahoo.com.hk
Tue Sep 21 07:30:59 PDT 2004
Dear all
I am using freebsd as router and firewall
I have question about the following rules
implemented on ipfw and access-list of zebra
Do I have any problem and slow down the router using
same rule?
Thank you so much
# Deny all inbound traffic from non-routable reserved
address spaces
$cmd 00300 deny all from 192.168.0.0/16 to any in via
$pif #RFC 1918 private IP
$cmd 00301 deny all from 172.16.0.0/12 to anyin via
$pif #RFC 1918 private IP
$cmd 00302 deny all from 10.0.0.0/8 to anyin via $pif
#RFC 1918 private IP
$cmd 00303 deny all from 127.0.0.0/8 to anyin via $pif
#loopback
$cmd 00304 deny all from 0.0.0.0/8 to anyin via $pif
#loopback
$cmd 00305 deny all from 169.254.0.0/16 to anyin via
$pif #DHCP auto-config
$cmd 00306 deny all from 192.0.2.0/24 to anyin via
$pif #reserved for doc's
$cmd 00307 deny all from 204.152.64.0/23 to anyin via
$pif #Sun cluster interconnect
$cmd 00308 deny all from 224.0.0.0/3 to anyin via $pif
#Class D & E multicast
More information about the freebsd-questions
mailing list