similar to: Updated rfc1918 and bogons files

Updated rfc1918 and bogons files are now available: rfc1918 for Shorewall 2.0.0 and earlier: http://shorewall.net/pub/shorewall/errata/1.4.10/rfc1918 bogons for Shorwall 2.0.1: http://shorewall.net/pub/shorewall/errata/2.0.1/bogons Thanks go to Thomas Backlund for pointing out that the file was out of date. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool

Hi, according to: http://www.iana.org/assignments/ipv4-address-space the bogons table is outdated... tha attached patch fixes that... (done against 2.0.1) -- Regards Thomas PS. please CC me as I''m not subscribed to the list -------------- next part -------------- --- usr/share/shorewall/bogons.old 2004-04-19 18:28:00.000000000 +0300 +++ usr/share/shorewall/bogons 2004-04-20

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 An updated bogons file is available at: http://shorewall.net/pub/shorewall/errata/2.0.8/bogons ftp://shorewall.net/pub/shorewall/errata/2.0.8/bogons Thanks to Lorenzo Martignoni for bringing the resent IANA allocations to my attention. - -Tom - -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The initial file that I uploaded was incorrect. If you downloaded a file that still contains 72.0.0.0/8 then please download again. Sorry for the confusion. An updated bogons file is available at: http://shorewall.net/pub/shorewall/errata/2.0.8/bogons ftp://shorewall.net/pub/shorewall/errata/2.0.8/bogons Thanks to Lorenzo Martignoni for bringing

As far as I can tell from <http://shorewall.net/errata.htm> the current shorewall bogons file is <http://shorewall.net/pub/shorewall/errata/2.0.8/bogons> which contains the line: 58.0.0.0/7 logdrop # Reserved This is incorrect. These two /8s were allocated to APNIC as of April 2004. See also <http://marc.theaimsgroup.com/?l=nanog&m=108319003517919&w=2> and the main

Is my RFC1918 file obsolete? I have been assigned an ip in the 83.0.0.0/8 range, and of cource a lot of Shorewall systems drop me with a RFC1918 error. So, is my ISP actually giving me a RFC1918 IP, or am I missing something? .

Hello All, I have a question about setting up the shorewall firewall for squid, I followed the instructions on "Using Shorewall with Squid" --> "Squid Running in the DMZ" section. For some reason I am unable to get the program to work. I am able to have the squid work properly by using squidclient program, but once I setup the firewall to use the redirect I am unable to

hi: Just a litle update: 41/8 allocated to AfriNIC (APR 2005). 73/8 allocated to ARIN (MAR 2005). hope it helps.

Hello All, I am trying to implement OpenVPN on Fedora core Linux 3 with the latest pathces installed. This server is used only as firewall/internet gateway/proxy/VPN server, with kernel 2.6.1-1.27.FC3 and kernel 2.6.1-1.27.FC3 SMP It has two NIC''s eth0 (10.0.0.150) connected to ADSL, eth1 (192.168.3.12) connected to the local network. I use shorewall 2.4 on this machine. I like to test

https://bugzilla.netfilter.org/show_bug.cgi?id=1464 Bug ID: 1464 Summary: Trying to populate a set raises a netlink error "Could not process rule: No space left on device" Product: nftables Version: unspecified Hardware: x86_64 OS: Gentoo Status: NEW Severity: normal

I bought a UTStarcom F1000 WiFi IP Phone from http://www.luxoncomm.com and tested it with Asterisk. This is a my first impression of the device. The F1000 supports SIP. It looks and operates like a cell phone, and connects to the Internet through WiFi, so you can use it at any WiFi hotspot. I set up a 802.11b wi-fi network with a Linksys BEFW11S4 Wireless-B broadband router with no security

No need to upgrade to this release if you already have the new bogons file or don''t use that file. The primary change is a fix to the install.sh script which previously gave an error on a new install. http://shorewall.net/pub/shorewall/2.0/shorewall-2.0.11 ftp://shorewall.net/pub/shorewall/2.0/shorewall-2.0.11 Problems corrected in 2.0.11 1) The INSTALL file now include special

I don't know if this is the right place, but it is a place to start. I have two machines in a co-location facility. They are both on the same physical network segement and have real internet addresses and RFC1918 addresses. We get charged for traffic which goes across the "real" internet addresses which is part of the purpose for the RFC1918 network. The problem is connecting

A new rfc1918 file that reflects the recent IANA allocation of 222/8 and 223/8 may be found at: http://www.shorwall.net/pub/shorewall/errata/1.3.14/rfc1918 ftp://ftp.shorewall.net/pub/shorewall/errata/1.3.14/rfc1918 -Tom -- Tom Eastep \ Shorewall - iptables made easy Shoreline, \ http://www.shorewall.net Washington USA \ teastep@shorewall.net

Hi I''ve come accross a small problem with the rcf1918 address blocking on my internet interface. Im connected via a cable modem and it has an internel web server that allows me to configure/monitor it but as expected if I enable rfc1918 blocking for my eth0 interface(The internet one) it also blocks the cable modems web server. Is there any way it can add a rule before the rfc1918

Hi, I''ve a little problem, I hope so.. First a hint, I haven''t a static IP - Adress and so I used a dyndns Provider. In DMZ runs a sftp server. It should accessible from net. My router is forwarding the traffic from port 22 to the machine in DMZ. Now, in basic installation I have rfc1918-dropping configured by net interface. My problem: If rfc1918 dropping is on I

https://bugzilla.netfilter.org/show_bug.cgi?id=1179 Bug ID: 1179 Summary: vmap and sets cause "BUG: invalid range expression type set" Product: nftables Version: unspecified Hardware: All OS: All Status: NEW Severity: major Priority: P5 Component: nft

In my peculiar setup I need my shorewall router to do one-to-one NAT with RFC1918 addresses. The "external" addresses are 10.215.0.0 and the internal addresses are 192.168.0.0. I can ping, vnc, http, smb from 10.215.144.48 to 10.215.145.237 which is 192.168.44.237 internally. >From 192.168.44.237 I can do http, rdp, ping to 10.215.0.0 hosts. So all seems fine except for the fact

Sorry if this is somewhat offtopic, but I''m interested in knowing how many on the list either manage or have dealt with networks in the following address blocks that have been recently assigned by ARIN: 58.0.0.0/24 59.0.0.0/24 69.0.0.0/24 through 72.0.0.0/24 82.0.0.0/24 through 88.0.0.0/24 We have recently changed ISPs and ended up with an address block in the 72.x space, which is

I came across a problem when one of our clients was not able to access any of the servers on our network. This person has never connected to us before and now for this first time was trying to do it from his home is Houston, TX using earthlink cable service provided by Time Warner. All this information, I think, is important because when I started examining my shorewall logs I found out