On Tue, May 14, 2002 at 01:22:39PM -0400, Jack Broughton wrote: > Isn't 192.168.* a class "B" that's not even routed over the net so you > shouldn't have to worry about blocking it? Same goes for 10.* (and > 172.16.* if memory serves me correctly). It may be that some ISPs use > non-routed IPs for services for their clients before their packets get out > on the net so be careful what you block. I know that from my cable > connection from home my packets get handed off through a bunch of 10.* > routers before they actually get out on the net.
Yes, you are correct. These addresses are know as RFC1918 addresses. They are, by design, unroutable on public networks. A well configured firewall or router, if it sees a packet with a RFC1918 address, will send the packet to /dev/null. RFC1918 suggests that these address be used when setting up private networks, that is, networks on the inside of a firewall. > On the topic of spam I think I am going to block any mail coming from a .ru > domain. I have yet to see anything legitimate and the blackhole lists are > filled with .ru entries. MAPS (http://www.mail-abuse.org) offers free subscriptions to RBL for individuals. Josef -- Josef Grosch | Another day closer to a | FreeBSD 4.5 [EMAIL PROTECTED] | Micro$oft free world | www.bafug.org
