SBC (formerly Southwestern Bell) has begun routing addresses in the 70.240.0.0 - 70.240.255.255 address range onto the public Internet. One of my user's DSL link has been reassigned into that range. I've had the untrusted/WAN interface on mnf8.2 set to NORFC1918 and discovered that these addresses are being blocked:
May 25 14:46:34 firewall kernel: Shorewall:rfc1918:DROP:IN=eth1 OUT=eth0 SRC=70.240.xxx.xxx DST=192.168.xxx.xxx LEN=48 TOS=0x00 PREC=0x00 TTL=111 ID=6403 DF PROTO=TCP SPT=1076 DPT=25 WINDOW=64240 RES=0x00 SYN URGP=0 May 25 14:56:11 firewall kernel: Shorewall:rfc1918:DROP:IN=eth1 OUT=eth0 SRC=70.240.xxx.xxx DST=192.168.xxx.xxx LEN=40 TOS=0x00 PREC=0x00 TTL=239 ID=26257 DF PROTO=TCP SPT=4710 DPT=143 WINDOW=0 RES=0x00 ACK RST URGP=0 I've shut off the NORFC1918 on the interface, so the user can now connect to his email. But, I'd like to get this resolved and get RFC1918 blocking turned back on. 1) Why is MNF treating 70/8 network as RFC1918? 2) Is there a way to make RFC1918 blocking strictly adhere to 10/8, 172.16/12 and 192.168/16? Thanks for any help.
____________________________________________________ Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Join the Club : http://www.mandrakeclub.com ____________________________________________________
