View Single Post
  #3   (View Single Post)  
Old 20th May 2008
erehwon erehwon is offline
Port Guard
 
Join Date: May 2008
Location: Cascadia
Posts: 34
Default

Quote:
Originally Posted by Nonesuch View Post
Yes.

You want to do this with a table, not a macro.

While it is "safe" to have a static table of just RFC-1918 space, if you want to blackhole the entire "bogon" network space, more care is needed, as ARIN will occasionally allocate addresses out of historically invalid address ranges. One way to play it safe is to use a cron job to automatically download the updated 'bogon' list and populate a table.


A better explanation, along with links to the bogon lists, can be found here: http://www.team-cymru.org/Services/Bogons/
Thanks. So perhaps pull in the unaggregated bogons list and have the table reference that? Seems like that could work nicely.
Reply With Quote