[ previous ] [ next ] [ threads ]
 
 From:  Michael Sierchio <kudzu at tenebras dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] address-spoofing
 Date:  Wed, 18 May 2005 11:55:15 -0700
Don Munyak wrote:
> Is address-spoofing protection built-in to the default rules in
> m0n0wall or is this something I need to apply to the filters tab.
> 
> ie..."Packets that claim to be coming from internal machines but are
> actually coming in from the outside"
> 
> also "Internal packets that have external source adresses"

And then there's the bogons list....  this includes the RFC1918
addrs, as well as those that should never appear on the WAN interface:

96.0.0.0/3
224.0.0.0/3
176.0.0.0/5
76.0.0.0/6
92.0.0.0/6
184.0.0.0/6
0.0.0.0/7
36.0.0.0/7
74.0.0.0/7
90.0.0.0/7
174.0.0.0/7
2.0.0.0/8
5.0.0.0/8
7.0.0.0/8
10.0.0.0/8
23.0.0.0/8
27.0.0.0/8
31.0.0.0/8
39.0.0.0/8
41.0.0.0/8
42.0.0.0/8
49.0.0.0/8
50.0.0.0/8
73.0.0.0/8
89.0.0.0/8
173.0.0.0/8
189.0.0.0/8
190.0.0.0/8
197.0.0.0/8
223.0.0.0/8
172.16.0.0/12
198.18.0.0/15
169.254.0.0/16
192.168.0.0/16
192.0.2.0/24