Hi! 

> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] 
> Sent: Friday, July 16, 2004 7:06 AM
> To: [EMAIL PROTECTED]
> Subject: Re: [leaf-user] RFC1918 packets to NET
> 
> 
> > At 16:44 15.07.2004 +0300, [EMAIL PROTECTED] wrote:
> > 
> > >I've noticed that when installing the default shorewall configuration of Bering-*
> > >there is no block of rfc1918 packets going out to NET ....
> > >That is traceroute from LOC of any address not included in LOCAL LAN but in
> > >the RFC1918 range will go out and traverse the net (Default route).

RFC1918 cannot be blocked by default, because some ISPs provide
these addresses to their customers, so, if we did block them,
Bering-uClibc would no longer work, and that would be our fault.

[snip]

> 
> Suppose a user from LOC LAN and address 192.168.1.4 pings or 
> trace(s)route to 10.0.1.1 which it is not used in local or 
> any other zone ..
> 
> 10.0.1.1 is DST
> 
> If an observer in the net zone ( the ISP ) observes packets 
> coming in from 
> source address 62.12.1.1 
> tcpdump -i someif0 src host 62.12.1.1
> 
> She will see these ping or traceroute packets with the 
> following characteristics.
> 
> SRC=62.12.1.1  DST=10.0.1.1 
> 
> Am I right or am I right ???
> 
> So we have a packet destined to a private address space 
> looking around the internet to contact address 10.0.1.1 ( noise ).
> 
> 
> So let me repeat
> 
> Who is responsible to stop or drop or kill this packet ?????
> The ISP or The firewall admin ???
> 

IMHO it is the firewall admin's responsibility.

Use 'norfc1918' in the interface that connects to the net in
'/etc/shorewall/interfaces'



Luis Correia   
Bering uClibc Team Member

PGP Fingerprint: BC44 D7DA 5A17 F92A CA21 9ABE DFF0 3540 2322 21F6 
Key Server: http://pgp.mit.edu


------------------------------------------------------------------------
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
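
The scenario discussed in this thread, modeled as an added example (not part of the original messages and not Shorewall's own code): a packet from LOC to an unused private destination follows the default route and leaves masqueraded, unless an egress check on the destination drops it. The interface names, the /24 LOC network and the `isp_private` exemption parameter are assumptions; the check is a generic destination filter, not a statement of what `norfc1918` does internally.

```python
import ipaddress

RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed routing table for the firewall (interface names are assumed).
ROUTES = [
    (ipaddress.ip_network("192.168.1.0/24"), "eth1"),  # LOC LAN
    (ipaddress.ip_network("0.0.0.0/0"), "eth0"),       # NET, default route
]
NET_IF = "eth0"
NAT_SRC = "62.12.1.1"  # public address used in the thread


def egress_interface(dst):
    """Longest-prefix match over ROUTES, as the kernel would do."""
    addr = ipaddress.ip_address(dst)
    matches = [(net, ifc) for net, ifc in ROUTES if addr in net]
    return max(matches, key=lambda m: m[0].prefixlen)[1]


def is_private(dst, isp_private=()):
    """True if dst is RFC1918 and not in a range the ISP legitimately uses."""
    addr = ipaddress.ip_address(dst)
    if any(addr in ipaddress.ip_network(n) for n in isp_private):
        return False
    return any(addr in net for net in RFC1918)


def forward(src, dst, drop_private_egress, isp_private=()):
    """Return (verdict, out_if, source address seen on the wire)."""
    out_if = egress_interface(dst)
    if out_if != NET_IF:
        return ("ACCEPT", out_if, src)      # stays inside, no NAT
    if drop_private_egress and is_private(dst, isp_private):
        return ("DROP", out_if, None)       # never reaches the ISP
    return ("ACCEPT", out_if, NAT_SRC)      # masqueraded on the NET side


if __name__ == "__main__":
    for flag in (False, True):
        print(flag, forward("192.168.1.4", "10.0.1.1", flag))
```

The `isp_private` argument covers the case raised in the reply, where the ISP itself hands out private addresses and a blanket drop would break connectivity.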
