[...] That means, prior to end of Q1, the bogon list will be: 0/8 10/8 127/8 172.16/12 192.168/16 224/3
There's a number of special-use ranges that are not in this list, but which should not occur as (source) addresses on the internet. So if you're manually configuring a list and are sufficiently paranoid refer to RFC5735 and use these additional ones:
192.0.0/24 (future-use special purpose) 192.0.2/24 (TEST-NET-1) 198.18/15 (benchmark testing of interconnect devices) 198.51.100/24 (TEST-NET-2) 203.0.113/24 (TEST-NET-3) You should filter these source addresses as well: 169.254/16 (link-local addresses) 192.88.99/24 (6to4 anycast, not a valid *source* address) --------------------------------------------------------------------- To unsubscribe, e-mail: discussion-unsubscr...@pfsense.com For additional commands, e-mail: discussion-h...@pfsense.com Commercial support available - https://portal.pfsense.org
