nanog mailing list archives
Re: Filtering Source Addresses on gw-internet
From: Greg Ketell <gketell () cisco com>
Date: Tue, 12 Aug 1997 13:06:26 -0700
-----BEGIN PGP SIGNED MESSAGE----- At 03:05 PM 8/12/97 -0400, C. Jon Larsen wrote:
gw-internet#show access-lists 120 Extended IP access list 120 deny ip any 10.0.0.0 0.255.255.255 log deny ip any 172.16.0.0 0.0.255.255 log deny ip any 172.17.0.0 0.0.255.255 log deny ip any 192.168.0.0 0.0.255.255 log permit ip a.b.c.0 0.0.0.255 any (27429 matches) deny ip any any log
Line 2 and 3 could be replaced by deny ip any 172.16.0.0 0.15.255.255 log which would block all 172.16.0.0-172.31.0.0 as per the RFC. You might also want to block 127.0.0.0. GK -----BEGIN PGP SIGNATURE----- Version: PGP for Personal Privacy 5.0 Charset: noconv iQEVAwUBM/DBxW384++etaQJAQGlwAgAoVjoB5EZCaYjzvmwWaVeO5zOPTipegDE 0TX2Xg2L5yIClAeiWD4f0T4E4jCH5BtSwoitlu9fcHlsPo4VRwOutQssIJHL+sUR Ps1NEot6pwOu+slCwklLhqVwyouv0UHI0Fxal5aCM65X+WNH8+5HvE9g4uBQp8A6 o6HzM++69FKwg8pdQ82HNnjToVZxsqwH41HNSHC0HjLvJG+uZPBFlzLEdnvkNSRg fikSERpnZAa+QzpTRjtTcK3XC2DEYGAi0wifn9mbyRav9xenzvNl+rUV5Fg/jbFS jDFhiLFJc/7o3Y5+9HoA9keBEqeFMle86BGjX09C1FKLtPnVhTwSpQ== =ZNYx -----END PGP SIGNATURE-----
Current thread:
- Filtering Source Addresses on gw-internet C. Jon Larsen (Aug 12)
- Re: Filtering Source Addresses on gw-internet Greg Ketell (Aug 12)
- Re: Filtering Source Addresses on gw-internet C. Jon Larsen (Aug 13)
- <Possible follow-ups>
- Re: Filtering Source Addresses on gw-internet C. Jon Larsen (Aug 12)
- Re: Filtering Source Addresses on gw-internet Jon Lewis (Aug 12)
- Re: Filtering Source Addresses on gw-internet Greg Ketell (Aug 13)
- Re: Filtering Source Addresses on gw-internet Greg Ketell (Aug 14)
- Re: Filtering Source Addresses on gw-internet Jon Lewis (Aug 15)
- Re: Filtering Source Addresses on gw-internet Tony Li (Aug 15)
- Re: Filtering Source Addresses on gw-internet Jon Lewis (Aug 15)
- Re: Filtering Source Addresses on gw-internet Greg Ketell (Aug 12)