[Firestarter-user] non-routable IP's
From: Alex O'C. <aoc...@ki...> - 2001-02-28 17:57:56
Hi Thomas,

I have a question regarding the part in your script that blocks non-routable IP's. As far as I know there's 3 blocks of private IP's:

    10.0.0.0 - 10.255.255.255
    172.16.0.0 - 172.31.255.255
    192.168.0.0 - 192.168.255.255

You have those covered as well as the loopback address. Now my question concerns the other lines where you block the following IP's:

    128.66.0.0/16
    197.0.0.0/16
    201.0.0.0/8

I never heard that those addresses are non-routable and after asking a few people no-one knew why you'd wanna block those. Also why did you leave the 10.0.0.0/8 out? This should be blocked just like the other private IP's, right? Can you enlighten me please on this?

Btw. when I use my own script nothing gets logged although I enabled logging every single packet that comes into the outside interface. I checked /var/log/messages and it's full of entries but nothing shows up in firestarter. I also use ethereal to monitor my interface and it shows tons of stuff coming in.

Let me know what you think.

Thanks
ALEX