[ previous ] [ next ] [ threads ]
 
 From:  Don Munyak <don dot munyak at gmail dot com>
 To:  Kasper Pedersen <m0n0list dash kkp at kasperkp dot dk>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Bogus network filtering
 Date:  Wed, 13 Jul 2005 14:29:04 -0400
Thanks Kasper,

For those interested IANA updated the list June 2005
http://www.iana.org/assignments/ipv4-address-space

- Don

On 7/13/05, Kasper Pedersen <m0n0list dash kkp at kasperkp dot dk> wrote:
> ----- Original Message -----
> From: "Don Munyak" <don dot munyak at gmail dot com>
> 
> 
> # Bogus Network Filtering
> block in log quick on xl0 from 0.0.0.0/7 to any
> block in log quick on xl0 from 2.0.0.0/8 to any
> block in log quick on xl0 from 5.0.0.0/8 to any
> ...
> 
> When doing something like this you have to check for updates to address
> assignments regularly since valid hosts and clients will be dropped
> otherwise. I've been on both ends of this, first when blocks 80.0.0.0/8 went
> live, and again when I was assigned nets in 82.0.0.0/8.
> 
> In addition I honestly don't believe it gives you any added security
> whatsoever. Only complexity.
> 
> /Kasper
> 
>