//
// NOTE: This list is changing all the time (naturally) and serves as an
// example only. It is up to you to keep this list up-to-date. In Mandriva
// Linux we allow the 192.168.0.0/16 network to do recursive lookups per
// default. If you don't like this you need to change this now.
//
// http://qa.mandriva.com/en/show_bug.cgi?id=27981
//
// The list was taken from http://www.cymru.com/Documents/secure-bind-template.html
// Secure BIND Template Version 6.3 27 MAY 2008
//
// You should keep an eye on http://www.iana.org/assignments/ipv4-address-space in
// order to stay up to date.
//
// NOTE: As of Fri Jul 31 2009 this file isn't used anymore and serves as an example
// only. You should instead look at:
// http://www.team-cymru.org/Services/Bogons/
//
// $Id: bogon_acl.conf 405097 2009-07-31 12:51:25Z oden $
// $HeadURL: svn+ssh://svn.mandriva.com/svn/packages/cooker/bind/current/SOURCES/bogon_acl.conf $
acl "bogon" {
// Filter out the bogon networks. These are networks
// listed by IANA as test, RFC1918, Multicast, experi-
// mental, etc. If you see DNS queries or updates with
// a source address within these networks, this is likely
// of malicious origin. CAUTION: If you are using RFC1918
// netblocks on your network, remove those netblocks from
// this list of blackhole ACLs!
0.0.0.0/8;
1.0.0.0/8;
2.0.0.0/8;
5.0.0.0/8;
10.0.0.0/8;
14.0.0.0/8;
23.0.0.0/8;
27.0.0.0/8;
31.0.0.0/8;
36.0.0.0/8;
37.0.0.0/8;
39.0.0.0/8;
42.0.0.0/8;
46.0.0.0/8;
49.0.0.0/8;
50.0.0.0/8;
100.0.0.0/8;
101.0.0.0/8;
102.0.0.0/8;
103.0.0.0/8;
104.0.0.0/8;
105.0.0.0/8;
106.0.0.0/8;
107.0.0.0/8;
108.0.0.0/8;
109.0.0.0/8;
110.0.0.0/8;
111.0.0.0/8;
169.254.0.0/16;
172.16.0.0/12;
175.0.0.0/8;
176.0.0.0/8;
177.0.0.0/8;
178.0.0.0/8;
179.0.0.0/8;
180.0.0.0/8;
181.0.0.0/8;
182.0.0.0/8;
183.0.0.0/8;
184.0.0.0/8;
185.0.0.0/8;
192.0.2.0/24;
// 192.168.0.0/16;
197.0.0.0/8;
198.18.0.0/15;
223.0.0.0/8;
224.0.0.0/3;
};
distrib
>
Mageia
>
1
>
i586
>
media
>
core-updates-src
>
by-pkgid
>
019a159739c205369c02e3bffac6066e
>
files
>
30
