mirror of
https://gitlab.com/shorewall/code.git
synced 2025-04-20 17:28:53 +02:00
My original idea here was stupid - we have to maintain different
versions of bogons anyway, so this directory should just create the bogons.body file, and we'll cut & paste into the files in the relevant branches. git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2243 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
paulgear
parent
5842afccb1
commit
486e1726c0
@ -1,10 +1,7 @@
|
|||||||
all: bogons
|
all: bogons.body
|
||||||
|
|
||||||
wget:
|
wget:
|
||||||
wget --timestamping http://www.iana.org/assignments/ipv4-address-space
|
wget --timestamping http://www.iana.org/assignments/ipv4-address-space
|
||||||
|
|
||||||
bogons: bogons.head bogons.body bogons.tail
|
|
||||||
cat $^ > $@
|
|
||||||
|
|
||||||
bogons.body: wget ipv4-address-space getreserved.py Makefile
|
bogons.body: wget ipv4-address-space getreserved.py Makefile
|
||||||
./getreserved.py < ipv4-address-space | grep -v '^10\.0\.0\.0/8' > $@
|
./getreserved.py < ipv4-address-space | grep -v '^10\.0\.0\.0/8' > $@
|
||||||
|
|||||||
@ -1,66 +0,0 @@
|
|||||||
#
|
|
||||||
# Shorewall 2.4 -- Bogons File
|
|
||||||
#
|
|
||||||
# /etc/shorewall/bogons
|
|
||||||
#
|
|
||||||
# Lists the subnetworks that are blocked by the 'nobogons' interface option.
|
|
||||||
#
|
|
||||||
# The default list includes those those ip ADDRESSES listed
|
|
||||||
# as 'reserved' by the IANA, the DHCP Autoconfig class B, and the class C
|
|
||||||
# reserved for use in documentation and examples.
|
|
||||||
#
|
|
||||||
# DO NOT MODIFY THIS FILE. IF YOU NEED TO MAKE CHANGES, COPY THE FILE
|
|
||||||
# TO /etc/shorewall AND MODIFY THE COPY.
|
|
||||||
#
|
|
||||||
# Columns are:
|
|
||||||
#
|
|
||||||
# SUBNET The subnet (host addresses also allowed as are IP
|
|
||||||
# address ranges provided that your kernel and iptables
|
|
||||||
# include iprange match support).
|
|
||||||
# TARGET Where to send packets to/from this subnet
|
|
||||||
# RETURN - let the packet be processed normally
|
|
||||||
# DROP - silently drop the packet
|
|
||||||
# logdrop - log then drop
|
|
||||||
#
|
|
||||||
###############################################################################
|
|
||||||
#SUBNET TARGET
|
|
||||||
0.0.0.0 RETURN # Stop the DHCP whining
|
|
||||||
255.255.255.255 RETURN # We need to allow limited broadcast
|
|
||||||
169.254.0.0/16 DROP # DHCP autoconfig
|
|
||||||
192.0.2.0/24 logdrop # Example addresses (RFC 3330)
|
|
||||||
|
|
||||||
#
|
|
||||||
# The following are generated with the help of the Python program found at:
|
|
||||||
#
|
|
||||||
# http://www.shorewall.net/pub/shorewall/contrib/iana_reserved/
|
|
||||||
#
|
|
||||||
# The program was contributed by Andy Wiggin
|
|
||||||
#
|
|
||||||
0.0.0.0/7 logdrop # Reserved
|
|
||||||
2.0.0.0/8 logdrop # Reserved
|
|
||||||
5.0.0.0/8 logdrop # Reserved
|
|
||||||
7.0.0.0/8 logdrop # Reserved
|
|
||||||
23.0.0.0/8 logdrop # Reserved
|
|
||||||
27.0.0.0/8 logdrop # Reserved
|
|
||||||
31.0.0.0/8 logdrop # Reserved
|
|
||||||
36.0.0.0/7 logdrop # Reserved
|
|
||||||
39.0.0.0/8 logdrop # Reserved
|
|
||||||
42.0.0.0/8 logdrop # Reserved
|
|
||||||
77.0.0.0/8 logdrop # Reserved
|
|
||||||
78.0.0.0/7 logdrop # Reserved
|
|
||||||
92.0.0.0/6 logdrop # Reserved
|
|
||||||
96.0.0.0/4 logdrop # Reserved
|
|
||||||
112.0.0.0/5 logdrop # Reserved
|
|
||||||
120.0.0.0/6 logdrop # Reserved
|
|
||||||
127.0.0.0/8 logdrop # Reserved
|
|
||||||
173.0.0.0/8 logdrop # Reserved
|
|
||||||
174.0.0.0/7 logdrop # Reserved
|
|
||||||
176.0.0.0/5 logdrop # Reserved
|
|
||||||
184.0.0.0/6 logdrop # Reserved
|
|
||||||
197.0.0.0/8 logdrop # Reserved
|
|
||||||
223.0.0.0/8 logdrop # Reserved
|
|
||||||
240.0.0.0/4 logdrop # Reserved
|
|
||||||
#
|
|
||||||
# End of generated entries
|
|
||||||
#
|
|
||||||
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
|
|
||||||
@ -1,38 +0,0 @@
|
|||||||
#
|
|
||||||
# Shorewall 2.4 -- Bogons File
|
|
||||||
#
|
|
||||||
# /etc/shorewall/bogons
|
|
||||||
#
|
|
||||||
# Lists the subnetworks that are blocked by the 'nobogons' interface option.
|
|
||||||
#
|
|
||||||
# The default list includes those those ip ADDRESSES listed
|
|
||||||
# as 'reserved' by the IANA, the DHCP Autoconfig class B, and the class C
|
|
||||||
# reserved for use in documentation and examples.
|
|
||||||
#
|
|
||||||
# DO NOT MODIFY THIS FILE. IF YOU NEED TO MAKE CHANGES, COPY THE FILE
|
|
||||||
# TO /etc/shorewall AND MODIFY THE COPY.
|
|
||||||
#
|
|
||||||
# Columns are:
|
|
||||||
#
|
|
||||||
# SUBNET The subnet (host addresses also allowed as are IP
|
|
||||||
# address ranges provided that your kernel and iptables
|
|
||||||
# include iprange match support).
|
|
||||||
# TARGET Where to send packets to/from this subnet
|
|
||||||
# RETURN - let the packet be processed normally
|
|
||||||
# DROP - silently drop the packet
|
|
||||||
# logdrop - log then drop
|
|
||||||
#
|
|
||||||
###############################################################################
|
|
||||||
#SUBNET TARGET
|
|
||||||
0.0.0.0 RETURN # Stop the DHCP whining
|
|
||||||
255.255.255.255 RETURN # We need to allow limited broadcast
|
|
||||||
169.254.0.0/16 DROP # DHCP autoconfig
|
|
||||||
192.0.2.0/24 logdrop # Example addresses (RFC 3330)
|
|
||||||
|
|
||||||
#
|
|
||||||
# The following are generated with the help of the Python program found at:
|
|
||||||
#
|
|
||||||
# http://www.shorewall.net/pub/shorewall/contrib/iana_reserved/
|
|
||||||
#
|
|
||||||
# The program was contributed by Andy Wiggin
|
|
||||||
#
|
|
||||||
@ -1,4 +0,0 @@
|
|||||||
#
|
|
||||||
# End of generated entries
|
|
||||||
#
|
|
||||||
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
|
|
||||||
Loading…
Reference in New Issue
Block a user