From owner-freebsd-ipfw@FreeBSD.ORG Mon Jan 18 21:05:28 2010 Return-Path: Delivered-To: freebsd-ipfw@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 664FD1065676 for ; Mon, 18 Jan 2010 21:05:28 +0000 (UTC) (envelope-from bf1783@googlemail.com) Received: from mail-ew0-f226.google.com (mail-ew0-f226.google.com [209.85.219.226]) by mx1.freebsd.org (Postfix) with ESMTP id 00E478FC12 for ; Mon, 18 Jan 2010 21:05:27 +0000 (UTC) Received: by ewy26 with SMTP id 26so220497ewy.3 for ; Mon, 18 Jan 2010 13:05:27 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=gamma; h=domainkey-signature:mime-version:received:date:message-id:subject :from:to:cc:content-type; bh=SlL2qy3WD7HhUk/EFdTaCKZB+j5H1W+A4/28PuPltAI=; b=Tq4dt4a1l4GHM/F/MxREf5gCNl8phmrbRSF4OJfUtYhFFZLIBZB0GcQaKsNI8Ly+Qz jytITG5LVFD5U6jw/3nhuL0lItaqbgpQ7Q6oCr8zYJh41puia9wWrtGaf2XJUi3SUx8q 9lJk+jeOZMs2rH76cjmkY1MiPwoEbDn95T5IU= DomainKey-Signature: a=rsa-sha1; c=nofws; d=googlemail.com; s=gamma; h=mime-version:date:message-id:subject:from:to:cc:content-type; b=US33xpYOszuChesOH2lsK1HkU2X95TDC+GIrV1N9a52y8WzMQQS0NCGuvC+8W9Ba13 0d1H85Z5UfIy5GyaxdiaZI8MO0KTsbCTGjkRwl5IeVVkOu23uep9CpaM7ahj+P2mCIgL X0sVZ/OK48UxrmjlQmY5tT7yCZl3J5hfSy5Go= MIME-Version: 1.0 Received: by 10.216.89.149 with SMTP id c21mr2396257wef.224.1263846955077; Mon, 18 Jan 2010 12:35:55 -0800 (PST) Date: Mon, 18 Jan 2010 15:35:55 -0500 Message-ID: From: "b. f." To: dougb@FreeBSD.org Content-Type: text/plain; charset=ISO-8859-1 Cc: freebsd-ipfw@FreeBSD.org Subject: Re: svn commit: r202582 - head/etc/namedb X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 18 Jan 2010 21:05:28 -0000 >Author: dougb >Date: Mon Jan 18 18:37:47 2010 >New Revision: 202582 >URL: http://svn.freebsd.org/changeset/base/202582 > >Log: > Update the example named.conf file to answer locally for the newly > released IPv4 documentation ranges (http://tools.ietf.org/html/rfc5737) > and catch up to the IPv6 documentation range and domain names that 5737 > also references. > >Modified: > head/etc/namedb/named.conf What about the corresponding changes to /etc/rc.firewall? From RFC 5737 (my emphasis): "The blocks 192.0.2.0/24 (TEST-NET-1), 198.51.100.0/24 (TEST-NET-2), and 203.0.113.0/24 (TEST-NET-3) are provided for use in documentation ... Addresses within the TEST-NET-1, TEST-NET-2, and TEST-NET-3 blocks SHOULD NOT appear on the public Internet and are used without any coordination with IANA or an Internet registry [RFC2050]. Network operators SHOULD add these address blocks to the list of non-routeable address spaces, and ***if packet filters are deployed, then this address block SHOULD be added to packet filters. These blocks are not for local use, and the filters may be used in both local and public contexts.*** b.