Date: Tue, 25 Jan 2000 07:46:57 -0500 From: Mike Tancsa <mike@sentex.net> To: "Rodney W. Grimes" <freebsd@gndrsh.dnsmgr.net> Cc: freebsd-security@FreeBSD.ORG Subject: Re: more complete ipfw rules Message-ID: <4.2.2.20000125074438.00ade400@mail.sentex.net> In-Reply-To: <200001250926.BAA70323@gndrsh.dnsmgr.net> References: <4.1.20000124201245.00962220@mail.thegrid.net>
next in thread | previous in thread | raw e-mail | index | archive | help
At 01:26 AM 1/25/2000 -0800, Rodney W. Grimes wrote:
>...
>
> > I have this commented-out line in my ruleset.
> > #$fwcmd add 550 deny log ip from 169.254.0.0/16 to any in via ${out_if}
> > Don't quite remember what it's for. I hope it's not another wasted class
> > B. Can anyone enlighten me?
>
>It is another wasted class B, it is not in any global bgp4 view I can
>find, and disallowed as either src or dst on many a border router.
If you are going to filter this space, be sure to watch what ARIN does, as
64.0.0.0/8 used to be a candidate for filters as well, but is now being
allocated by them.
---Mike
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4.2.2.20000125074438.00ade400>