Hi all,

For a few weeks I have noticed an increase in packets dropped by the nobogons-chain, all coming from the 125/8-block. I noticed some changes in IANA's IPv4 address-space at http://www.iana.org/assignments/ipv4-address-space concerning the networks 121/8 - 126/8.

From time to time, packets from other networks like 190/8 also get dropped. Are there any updates to the bogons needed? Or isn't running the bogons-chain recommended anymore?

BTW: The packets seem to be fully legitimate SYNs to an SMTP service running on the machines.

Thanks for shedding some light on this issue,
Pascal

Pascal Mainini wrote:
> Thanks for shedding some light on this issue,

There's an updated bogons file at ftp://ftp1.shorewall.net/pub/shorewall/2.4/shorewall-2.4.8/errata/bogons

-Tom (who will be delighted when Shorewall 2.4 is no longer supported and he can stop having to deal with the bogons file -- it was a truly bad idea).
--
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep@shorewall.net
PGP Public Key   \ https://lists.shorewall.net/teastep.pgp.key

Pascal Mainini wrote:
> Hi all
>
> For a few weeks I have noticed an increase in packets dropped by the
> nobogons-chain, all coming from the 125/8-block. I noticed some
> changes in IANA's IPv4 address-space at

Pascal: If I were you, I'd remove the "nobogons" option from your configuration files.

Cristian Rodriguez wrote:
> Pascal Mainini wrote:
>> Hi all
>>
>> For a few weeks I have noticed an increase in packets dropped by the
>> nobogons-chain, all coming from the 125/8-block. I noticed some
>> changes in IANA's IPv4 address-space at
>
> Pascal: If I were you, I'd remove the "nobogons" option from your
> configuration files.

Not a bad idea -- As I mentioned in my earlier message, 'nobogons' was deimplemented in Shorewall 3.0.

-Tom
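
A check for the failure this thread describes, a static bogon list that still drops blocks which have since been allocated. It is an added example, not part of the original messages and not Shorewall code; the two-column registry listing, the sample lists and all function names are constructed assumptions.

```python
import ipaddress

def parse_block(text):
    """Expand registry shorthand such as '125/8' to an IPv4 network (125.0.0.0/8)."""
    addr, _, plen = text.strip().partition("/")
    octets = addr.split(".")
    octets += ["0"] * (4 - len(octets))          # '125' -> 125.0.0.0
    return ipaddress.ip_network(".".join(octets) + "/" + (plen or "32"))

def parse_registry(text):
    """Return the blocks marked ALLOCATED in a simplified 'block status' listing."""
    nets = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) >= 2 and fields[1] == "ALLOCATED":
            nets.append(parse_block(fields[0]))
    return nets

def stale_bogons(bogons, allocated):
    """Bogon entries that overlap space the registry now lists as allocated."""
    return [b for b in bogons if any(b.overlaps(a) for a in allocated)]

def wrongly_dropped(sources, bogons, allocated):
    """Source addresses the bogon list would drop although their block is allocated."""
    hits = []
    for src in sources:
        ip = ipaddress.ip_address(src)
        if any(ip in b for b in bogons) and any(ip in a for a in allocated):
            hits.append(src)
    return hits

# Constructed sample data: an outdated local bogon list, a simplified registry
# snapshot, and source addresses as they might appear in the firewall drop log.
BOGONS = [parse_block(b) for b in ("0/8", "125/8", "127/8", "190/8")]
REGISTRY = """\
0/8 RESERVED
125/8 ALLOCATED
127/8 RESERVED
190/8 ALLOCATED
"""
ALLOCATED = parse_registry(REGISTRY)
SOURCES = ["125.33.4.9", "127.0.0.1", "190.2.3.4", "192.0.2.10"]

if __name__ == "__main__":
    for net in stale_bogons(BOGONS, ALLOCATED):
        print("stale bogon entry:", net)
    for src in wrongly_dropped(SOURCES, BOGONS, ALLOCATED):
        print("dropped but allocated:", src)
```

Run against a current copy of the registry, any output means the local bogon list needs updating or the filter should be retired.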