[Firehol-support] UNROUTABLE_IPS / RESERVED_IPS outdated
jbyers at jbyers.com
Sat Aug 26 01:18:05 BST 2006
I wanted to give everyone a head's up about UNROUTABLE_IPS, specifically
RESERVED_IPS. The IANA reserved network list that firehol 1.226 uses is
quite out of date, so if you follow the example config in the docs and
restrict traffic from UNROUTABLE_IPS, you'll be blocking a wide swath of
legitimate Internet users.
By my reading of the IANA assignment doc
(http://www.iana.org/assignments/ipv4-address-space), the following IP
ranges should be removed from the exclusion list:
This was filed a while back by someone else as a bug, but I figured it
was serious enough to send to the list as well. At least for us, this
resulted in some pretty unpleasant troubleshooting.
Otherwise, firehol's great. :)
More information about the Firehol-support