BLU Discuss list archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[BLU] Re: 68.0.0.0/8 illegal?

Subject: [BLU] Re: 68.0.0.0/8 illegal?
From: jack at coats.org (Jack Coats)
Date: Thu, 26 Apr 2001 14:42:12 -0500 (CDT)
In-reply-to: <Pine.LNX.4.33.0104261025210.8094-100000@kramer.ne.mediaone.net>

172.x.x.x is another private range.

On Thu, 26 Apr 2001, David Kramer wrote:

> On Thu, 26 Apr 2001, Alex Pennace wrote:
>
> > On Thu, Apr 26, 2001 at 12:54:33AM -0400, David Kramer wrote:
> > > I built my rc.firewall from Robert Ziegler's site
> > > (http://www.linux-firewall-tools.com/). I noticed a lot of lines in it
> > > in this section:
> > >
> > >     # refuse addresses defined as reserved by the IANA
> > >     # 0.*.*.*, 1.*.*.*, 2.*.*.*, 5.*.*.*, 7.*.*.*, 23.*.*.*, 27.*.*.*
> > >     # 31.*.*.*, 37.*.*.*, 39.*.*.*, 41.*.*.*, 42.*.*.*, 58-60.*.*.*
> > >     # 65-95.*.*.*, 96-126.*.*.*, 197.*.*.*, 201.*.*.* (?), 217-223.*.*.*
> > [snip]
> > > So I'm thinking since these addresses seem to whois to real ISP's, that
> > > these are valid addresses that I should NOT be blocking.
> >
> > That's correct.
> >
> > > On the other hand, I think the SYN flag either means they initiated the
> > > conversation, or that they are trying to do a syn flood on my box.
> > > Given that I only see like 10 in a row, I doubt the latter.
> >
> > Poor guy at dsl092-067-047.bos1.dsl.speakeasy.net just wants to talk
> > SMTP to your box. :)
>
> So out of the above ranges, which should I open up?  The only ranges I
> know about are 10.*, 192.168.*, 127.0.0.1, and there's one more I'm
> forgetting.  Should I open up all the rest.  I'm already blocking any
> traffic on eth0 from those three in an earlier section of the script.
>
>
> -------------------------------------------------------------------
> DDDD   David Kramer                   http://thekramers.net
> DK KD
> DKK D  "All my life, I always wanted to be somebody.
> DK KD  Now I see that I should have been more specific."
> DDDD                                       - Lily Tomlin
>
>
>
> -
> Subcription/unsubscription/info requests: send e-mail with
> "subscribe", "unsubscribe", or "info" on the first line of the
> message body to discuss-request at blu.org (Subject line is ignored).
>

-
Subcription/unsubscription/info requests: send e-mail with
"subscribe", "unsubscribe", or "info" on the first line of the
message body to discuss-request at blu.org (Subject line is ignored).

Follow-Ups:
- [BLU] Re: 68.0.0.0/8 illegal?
  - From: ddm at pizzashack.org (Derek Martin)

References:
- [BLU] Re: 68.0.0.0/8 illegal?
  - From: david at thekramers.net (David Kramer)

Prev by Date: 68.0.0.0/8 illegal?
Next by Date: Procmail question (sorry if last one failed)
Previous by thread: [BLU] Re: 68.0.0.0/8 illegal?
Next by thread: [BLU] Re: 68.0.0.0/8 illegal?
Index(es):
- Date
- Thread


BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Boston Linux & Unix / webmaster@blu.org