[plug] Annotated comprehensive list of IPs to block
Leon Brooks
leon at brooks.fdns.net
Mon Jul 22 22:51:16 WST 2002
On Mon, 22 Jul 2002 20:51, Adrian Woodley wrote:
> [Leon borrowing Adrian's Horde]
>
> This list (collateral damage of yakking about iptables at the PLUG fixit
> meeting) is a set of BSD filter rules, easily translatable to iptables.
...and farewell text attachment. Oh well, here it is anyway, glad I sent it to
myself as well:
#################################################################
# Block packets coming from anything on the internet that
# shouldn't be there
# whois.arin.net
#################################################################
block in log quick from 0.0.0.0/7 to any group 100
block in log quick from any to 0.0.0.0/7 group 100
block in log quick from 0.0.0.0/8 to any group 100 #Odd Loopback Reserved
block in log quick from any to 0.0.0.0/8 group 100 #Odd Loopback Reserved
block in log quick from 2.0.0.0/8 to any group 100 #Unassigned
block in log quick from any to 2.0.0.0/8 group 100 #Unassigned
block in log quick from 5.0.0.0/8 to any group 100 #Unassigned
block in log quick from any to 5.0.0.0/8 group 100 #Unassigned
block in log quick from 10.0.0.0/8 to any group 100 #Private Class A RFC 1918
block in log quick from any to 10.0.0.0/8 group 100 #Private Class A RFC 1918
block in log quick from 20.20.20.0/24 to any group 100 #Netblock reserved by Sun Microsystems for Private Cluster Interconnect
block in log quick from any to 20.20.20.0/24 group 100 #Netblock reserved by Sun Microsystems for Private Cluster Interconnect
block in log quick from 23.0.0.0/8 to any group 100
block in log quick from any to 23.0.0.0/8 group 100
block in log quick from 27.0.0.0/8 to any group 100
block in log quick from any to 27.0.0.0/8 group 100
block in log quick from 31.0.0.0/8 to any group 100
block in log quick from any to 31.0.0.0/8 group 100
block in log quick from 67.0.0.0/8 to any group 100
block in log quick from any to 67.0.0.0/8 group 100
block in log quick from 68.0.0.0/6 to any group 100
block in log quick from any to 68.0.0.0/6 group 100
block in log quick from 72.0.0.0/5 to any group 100
block in log quick from any to 72.0.0.0/5 group 100
block in log quick from 80.0.0.0/4 to any group 100
block in log quick from any to 80.0.0.0/4 group 100
block in log quick from 96.0.0.0/3 to any group 100 #unassigned with the exception of 127.0.0.0/8
block in log quick from any to 96.0.0.0/3 group 100
block in log quick from 127.0.0.0/8 to any group 100 #Loopback
block in log quick from any to 127.0.0.0/8 group 100 #Loopback
block in log quick from 128.0.0.0/16 to any group 100
block in log quick from any to 128.0.0.0/16 group 100
block in log quick from 128.66.0.0/16 to any group 100
block in log quick from any to 128.66.0.0/16 group 100
block in log quick from 169.254.0.0/16 to any group 100 #assigned by the IANA for use in auto-configuration of DHCP default
block in log quick from any to 169.254.0.0/16 group 100 #assigned by the IANA for use in auto-configuration of DHCP default
block in log quick from 172.16.0.0/12 to any group 100 #Private Class B RFC 1918
block in log quick from any to 172.16.0.0/12 group 100 #Private Class B RFC 1918
block in log quick from 191.255.0.0/16 to any group 100
block in log quick from any to 191.255.0.0/16 group 100
block in log quick from 192.0.2.0/24 to any group 100 #been reserved for use as an example IP netblock for documentation authors
block in log quick from any to 192.0.2.0/24 group 100 #been reserved for use as an example IP netblock for documentation authors
pass in quick from any to 192.168.1.10 port = 80 group 100
block in log quick from 192.168.0.0/16 to any group 100 #Private Class C RFC 1918 Private
block in log quick from any to 192.168.0.0/16 group 100 #Private Class C RFC 1918 Private
block in log quick from 197.0.0.0/8 to any group 100 #Unassigned
block in log quick from any to 197.0.0.0/8 group 100 #Unassigned
block in log quick from 201.0.0.0/8 to any group 100
block in log quick from any to 201.0.0.0/8 group 100
block in log quick from 204.152.64.0/23 to any group 100 #Netblock reserved by Sun Microsystems for Private Cluster Interconnect
block in log quick from any to 204.152.64.0/23 group 100 #Netblock reserved by Sun Microsystems for Private Cluster Interconnect
block in log quick from 224.0.0.0/3 to any group 100 #Multicast Class D
block in log quick from any to 224.0.0.0/3 group 100 #Multicast Class D
block in log quick from 240.0.0.0/4 to any group 100 #Unspecified (Class E)
block in log quick from any to 240.0.0.0/4 group 100 #Unspecified (Class E)
# allow certain classes of ICMP
# Traceroute Unix requires type: 3, UDP port 33000
# Tracert Microsoft requires type: 0, 8, 11
# Ping (Packet InterNet Groper) requires type: 8, 0
#pass in quick proto icmp all group 100
pass in quick proto icmp all icmp-type 0 group 100 #Echo Reply
pass in log quick proto icmp all icmp-type 3 group 100 #Destination Unreachable
pass in log quick proto icmp all icmp-type 4 group 100 #Source Quench
pass in log quick proto icmp all icmp-type 5 group 100 #Redirect
pass in log quick proto icmp all icmp-type 8 group 100 #Echo Request
pass in log quick proto icmp all icmp-type 11 group 100 #Time Exceeded
pass in log quick proto icmp all icmp-type 12 group 100 #Parameter Problem
pass in log quick proto icmp all icmp-type 13 group 100 #Timestamp request
pass in log quick proto icmp all icmp-type 14 group 100 #Timestamp reply
pass in log quick proto icmp all icmp-type 15 group 100 #Information Request
pass in log quick proto icmp all icmp-type 16 group 100 #Information Reply
pass in log quick proto icmp all icmp-type 17 group 100 #Address Mask Request
pass in log quick proto icmp all icmp-type 18 group 100 #Address Mask Reply
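
Added example, not part of the original message or the author's rules: the quoted remark that these BSD filter rules are "easily translatable to iptables", worked through in Python for the subset of ipf syntax the list uses. The chain name prefix IPF, the LOG-rule-before-verdict pairing and treating a bare "port = 80" as TCP are assumptions of this example.

```python
import ipaddress
import re

# Constructed sample in the list's syntax; one comment is wrapped as in the mail.
SAMPLE = """\
block in log quick from 10.0.0.0/8 to any group 100 #Private Class A RFC 1918
block in log quick from any to 169.254.0.0/16 group 100 #assigned by the
IANA for use in auto-configuration of DHCP default
pass in quick from any to 192.168.1.10 port = 80 group 100
pass in log quick proto icmp all icmp-type 11 group 100 #Time Exceeded
"""

RULE = re.compile(
    r"^(?P<action>block|pass) in (?P<log>log )?quick "
    r"(?:proto (?P<proto>\w+) )?(?:all|from (?P<src>\S+) to (?P<dst>\S+))"
    r"(?: port = (?P<port>\d+))?(?: icmp-type (?P<itype>\d+))?"
    r" group (?P<group>\d+)\s*(?:#.*)?$")

def join_wrapped(text):
    """Re-attach comment text that line wrapping pushed onto its own line."""
    out = []
    for line in (l.strip() for l in text.splitlines() if l.strip()):
        if out and not re.match(r"block |pass |#", line):
            out[-1] += " " + line
        else:
            out.append(line)
    return out

def to_iptables(text, chain_prefix="IPF"):
    """Translate the ipf subset used in the list into iptables commands."""
    # Group N maps to user chain <chain_prefix>N (hypothetical name); create it
    # with `iptables -N` and jump to it from INPUT and/or FORWARD.
    cmds = []
    for line in (l for l in join_wrapped(text) if not l.startswith("#")):
        m = RULE.match(line)
        if not m:
            raise ValueError("unsupported rule: " + line)
        proto = m["proto"] or ("tcp" if m["port"] else None)  # assumption: bare port = TCP
        spec = ["iptables", "-A", chain_prefix + m["group"]]
        spec += ["-p", proto] if proto else []
        for flag, addr in (("-s", m["src"]), ("-d", m["dst"])):
            if addr and addr != "any":  # ip_network() rejects a prefix with host bits set
                spec += [flag, str(ipaddress.ip_network(addr))]
        spec += ["--dport", m["port"]] if m["port"] else []
        spec += ["--icmp-type", m["itype"]] if m["itype"] else []
        if m["log"]:  # ipf logs and blocks in one rule; iptables needs a LOG rule first
            cmds.append(" ".join(spec + ["-j", "LOG"]))
        cmds.append(" ".join(spec + ["-j", "DROP" if m["action"] == "block" else "ACCEPT"]))
    return cmds
```

The translation keeps the list as posted in 2002; several of the /8 blocks it marks unassigned have since been allocated, so compare the ranges against the current IANA registry before loading the output.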