On Tue, 2004-11-30 at 09:03 +0100, Jan Johansson wrote:> Is my RFC1918 file obsolete? I have been assigned an ip in the
> 83.0.0.0/8 range, and of cource a lot of Shorewall systems drop me with
> a RFC1918 error.
>
> So, is my ISP actually giving me a RFC1918 IP, or am I missing
> something?
You are confusing RFC 1918 and Bogons. Versions of Shorewall prior to
2.0.1 used the same file (/etc/shorewall/rfc1918) to list both classes
of addresses. Since 2.0.1, the rfc1918 file has listed only those IP
address ranges reserved by RFC 1918:
10.0.0.0/8
172.16.0.0/12
192.168.0.0/16
Bogons are unallocated addresses or addresses allocated for purposes
that make them unsuitable for use on the Internet. 82.0.0.0/7 was
allocated last year by the IANA and addresses in that range have been
showing up more and more.
I personally advocate against using the ''nobogons'' option for
the reason
that it''s easy to reject legitimate traffic if one''s bogons
file isn''t
up to date.
On the other hand, the Debian maintainer is working on an autoupdate
script to be packaged with the .deb and there was one posted recently on
the list.
-Tom
--
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \ teastep@shorewall.net
PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key