From fceb8cc250bf8ad0a7d3e2ff6bfe6c943bfc11d4 Mon Sep 17 00:00:00 2001
From: teastep <teastep@fbd18981-670d-0410-9b5c-8dc0c1a9a2bb>
Date: Wed, 26 Jan 2005 19:03:05 +0000
Subject: [PATCH] Add recommendation against 'nobogons'

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1926 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
---
 Shorewall-docs2/Documentation.xml | 14 +++++++++++---
 1 file changed, 11 insertions(+), 3 deletions(-)

diff --git a/Shorewall-docs2/Documentation.xml b/Shorewall-docs2/Documentation.xml
index 60fe0769a..4e1f885cf 100644
--- a/Shorewall-docs2/Documentation.xml
+++ b/Shorewall-docs2/Documentation.xml
@@ -15,10 +15,10 @@
       </author>
     </authorgroup>
 
-    <pubdate>2004-12-31</pubdate>
+    <pubdate>2005-01-26</pubdate>
 
     <copyright>
-      <year>2001-2004</year>
+      <year>2001-2005</year>
 
       <holder>Thomas M. Eastep</holder>
     </copyright>
@@ -638,6 +638,14 @@ dmz        DMZ            Demilitarized zone</programlisting>
                 address reserved by the IANA or by other RFCs (other than
                 1918) are dropped after being optionally logged. See the
                 /etc/shorewall/bogons file documentation below.</para>
+
+                <para>I personally recommend against using the nobogons
+                option. The IPV4 address space is being rapidly depleated so
+                the benefit of blocking traffic from unallocated address
+                ranges is minimal. Plus the rate at which address blocks are
+                being assigned causes your /etc/shorewall/bogons file to
+                become out of date with the result that legitimate traffic
+                gets blocked.</para>
               </listitem>
             </varlistentry>
 
@@ -4109,4 +4117,4 @@ eth1                -</programlisting>
         </revision>
       </revhistory></para>
   </appendix>
-</article>
+</article>
\ No newline at end of file