[Firehol-support] UNROUTABLE_IPS / RESERVED_IPS outdated
Rick Marshall
rjm at zenucom.com
Sat Aug 26 01:39:18 BST 2006
perhaps we could have a firehol mod to auto update its unroutable list?
we've bumped into this problem several times.
thanks
rick
James Byers wrote:
>I wanted to give everyone a head's up about UNROUTABLE_IPS, specifically
>RESERVED_IPS. The IANA reserved network list that firehol 1.226 uses is
>quite out of date, so if you follow the example config in the docs and
>restrict traffic from UNROUTABLE_IPS, you'll be blocking a wide swath of
>legitimate Internet users.
>
>By my reading of the IANA assignment doc
>(http://www.iana.org/assignments/ipv4-address-space), the following IP
>ranges should be removed from the exclusion list:
>
>041/8
>073/8
>074/7
>076/8
>089/8
>090/7
>121/8
>122/8
>123/8
>124/8
>125/8
>126/8
>189/8
>190/8
>
>This was filed a while back by someone else as a bug, but I figured it
>was serious enough to send to the list as well. At least for us, this
>resulted in some pretty unpleasant troubleshooting.
>
>http://sourceforge.net/tracker/index.php?func=detail&aid=1475053&group_id=58425&atid=487692
>
>Otherwise, firehol's great. :)
>
>James
>
>-------------------------------------------------------------------------
>Using Tomcat but need to do more? Need to support web services, security?
>Get stuff done quickly with pre-integrated technology to make your job easier
>Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
>http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
>_______________________________________________
>Firehol-support mailing list
>Firehol-support at lists.sourceforge.net
>https://lists.sourceforge.net/lists/listinfo/firehol-support
>
>!DSPAM:44ef8feb28781804284693!
>
>
>
More information about the Firehol-support
mailing list