Date:      Tue, 21 Sep 2004 22:30:59 +0800 (CST)
From:      adrian kok <adriankok2000@yahoo.com.hk>
To:        questions@freebsd.org
Subject:   ipfw and access-list
Message-ID:  <20040921143059.7681.qmail@web21202.mail.yahoo.com>

Dear all

I am using FreeBSD as a router and firewall.

I have a question about the following rules,
implemented in ipfw and in the access-list of zebra.

Will I have any problem, or slow down the router, using
the same rules?

Thank you so much

# Deny all inbound traffic from non-routable reserved address spaces
$cmd 00300 deny all from 192.168.0.0/16 to any in via $pif   #RFC 1918 private IP
$cmd 00301 deny all from 172.16.0.0/12 to any in via $pif    #RFC 1918 private IP
$cmd 00302 deny all from 10.0.0.0/8 to any in via $pif       #RFC 1918 private IP
$cmd 00303 deny all from 127.0.0.0/8 to any in via $pif      #loopback
$cmd 00304 deny all from 0.0.0.0/8 to any in via $pif        #loopback
$cmd 00305 deny all from 169.254.0.0/16 to any in via $pif   #DHCP auto-config
$cmd 00306 deny all from 192.0.2.0/24 to any in via $pif     #reserved for doc's
$cmd 00307 deny all from 204.152.64.0/23 to any in via $pif  #Sun cluster interconnect
$cmd 00308 deny all from 224.0.0.0/3 to any in via $pif      #Class D & E multicast


