2004-03-17 20:06:54 +01:00
|
|
|
#
|
2004-10-26 17:37:00 +02:00
|
|
|
# Shorewall 2.2-- Bogons File
|
2004-03-17 20:06:54 +01:00
|
|
|
#
|
|
|
|
# /etc/shorewall/bogons
|
|
|
|
#
|
|
|
|
# Lists the subnetworks that are blocked by the 'nobogons' interface option.
|
|
|
|
#
|
|
|
|
# The default list includes those those ip ADDRESSES listed
|
|
|
|
# as 'reserved' by the IANA, the DHCP Autoconfig class B, and the class C
|
|
|
|
# reserved for use in documentation and examples.
|
|
|
|
#
|
2004-03-19 16:27:54 +01:00
|
|
|
# DO NOT MODIFY THIS FILE. IF YOU NEED TO MAKE CHANGES, COPY THE FILE
|
|
|
|
# TO /etc/shorewall AND MODIFY THE COPY.
|
|
|
|
#
|
2004-03-17 20:06:54 +01:00
|
|
|
# Columns are:
|
|
|
|
#
|
2004-09-08 20:46:57 +02:00
|
|
|
# SUBNET The subnet (host addresses also allowed as are IP
|
|
|
|
# address ranges provided that your kernel and iptables
|
|
|
|
# include iprange match support).
|
2004-03-17 20:06:54 +01:00
|
|
|
# TARGET Where to send packets to/from this subnet
|
|
|
|
# RETURN - let the packet be processed normally
|
|
|
|
# DROP - silently drop the packet
|
|
|
|
# logdrop - log then drop
|
|
|
|
#
|
|
|
|
###############################################################################
|
|
|
|
#SUBNET TARGET
|
2004-07-30 02:09:15 +02:00
|
|
|
0.0.0.0 RETURN # Stop the DHCP whining
|
2004-03-17 20:06:54 +01:00
|
|
|
255.255.255.255 RETURN # We need to allow limited broadcast
|
|
|
|
169.254.0.0/16 DROP # DHCP autoconfig
|
|
|
|
192.0.2.0/24 logdrop # Example addresses (RFC 3330)
|
|
|
|
#
|
|
|
|
# The following are generated with the help of the Python program found at:
|
|
|
|
#
|
|
|
|
# http://www.shorewall.net/pub/shorewall/contrib/iana_reserved/
|
|
|
|
#
|
|
|
|
# The program was contributed by Andy Wiggin
|
|
|
|
#
|
|
|
|
0.0.0.0/7 logdrop # Reserved
|
|
|
|
2.0.0.0/8 logdrop # Reserved
|
|
|
|
5.0.0.0/8 logdrop # Reserved
|
|
|
|
7.0.0.0/8 logdrop # Reserved
|
|
|
|
23.0.0.0/8 logdrop # Reserved
|
|
|
|
27.0.0.0/8 logdrop # Reserved
|
|
|
|
31.0.0.0/8 logdrop # Reserved
|
|
|
|
36.0.0.0/7 logdrop # Reserved
|
|
|
|
39.0.0.0/8 logdrop # Reserved
|
|
|
|
42.0.0.0/8 logdrop # Reserved
|
|
|
|
49.0.0.0/8 logdrop # JTC - Returned to IANA Mar 98
|
|
|
|
50.0.0.0/8 logdrop # JTC - Returned to IANA Mar 98
|
2004-08-27 20:29:42 +02:00
|
|
|
74.0.0.0/7 logdrop # Reserved
|
|
|
|
76.0.0.0/6 logdrop # Reserved
|
2004-04-20 22:14:09 +02:00
|
|
|
89.0.0.0/8 logdrop # Reserved
|
|
|
|
90.0.0.0/7 logdrop # Reserved
|
|
|
|
92.0.0.0/6 logdrop # Reserved
|
2004-03-17 20:06:54 +01:00
|
|
|
96.0.0.0/3 logdrop # Reserved
|
|
|
|
127.0.0.0/8 logdrop # Loopback
|
2004-04-20 22:14:09 +02:00
|
|
|
173.0.0.0/8 logdrop # Reserved
|
|
|
|
174.0.0.0/7 logdrop # Reserved
|
|
|
|
176.0.0.0/5 logdrop # Reserved
|
|
|
|
184.0.0.0/6 logdrop # Reserved
|
|
|
|
189.0.0.0/8 logdrop # Reserved
|
|
|
|
190.0.0.0/8 logdrop # Reserved
|
2004-03-17 20:06:54 +01:00
|
|
|
197.0.0.0/8 logdrop # Reserved
|
|
|
|
198.18.0.0/15 logdrop # Reserved
|
|
|
|
223.0.0.0/8 logdrop # Reserved - Returned by APNIC in 2003
|
|
|
|
240.0.0.0/4 logdrop # Reserved
|
|
|
|
#
|
|
|
|
# End of generated entries
|
|
|
|
#
|
|
|
|
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
|