[Firehol-support] UNROUTABLE_IPS / RESERVED_IPS outdated

James Byers jbyers at jbyers.com
Sat Aug 26 01:18:05 BST 2006


I wanted to give everyone a head's up about UNROUTABLE_IPS, specifically 
RESERVED_IPS.  The IANA reserved network list that firehol 1.226 uses is 
quite out of date, so if you follow the example config in the docs and 
restrict traffic from UNROUTABLE_IPS, you'll be blocking a wide swath of 
legitimate Internet users.

By my reading of the IANA assignment doc 
(http://www.iana.org/assignments/ipv4-address-space), the following IP 
ranges should be removed from the exclusion list:

041/8
073/8
074/7
076/8
089/8
090/7
121/8
122/8
123/8
124/8
125/8
126/8
189/8
190/8

This was filed a while back by someone else as a bug, but I figured it 
was serious enough to send to the list as well.  At least for us, this 
resulted in some pretty unpleasant troubleshooting.

http://sourceforge.net/tracker/index.php?func=detail&aid=1475053&group_id=58425&atid=487692

Otherwise, firehol's great.  :)

James




More information about the Firehol-support mailing list