For now I have block most of the bogons plus 44/8 thusly:
/^(0.|10.|44.|127.|169.154.|192.168.|224.)/
When I have more time I will create a more elegant table based filter, so we can allow/deny subnets.
Regards, Chris
On 1 Mar 2013, at 20:56, Brian Kantor wrote:
(Please trim inclusions from previous messages) _______________________________________________ On Fri, Mar 01, 2013 at 08:52:09PM +0000, Chris Smith wrote:
I am also putting in an additional check to ensure the tunnel endpoint is outside 44/8 as well as bogon / un-routable networks.
When the BGP-routed subnets start supplying tunnels to their clients both the destination network and the tunnel origin endpoint will be in network 44 space. Validation will be a bit more complex.
- Brian
44Net mailing list 44Net@hamradio.ucsd.edu http://hamradio.ucsd.edu/mailman/listinfo/44net http://www.ampr.org/donate.html