vaheeD khoshnouD

linux, mikrotik, macosx

BOGON Address List

Written by vaheeD on January 2, 2013
3.00 avg. rating (73% score) - 1 vote


Bogon filtering is the practice of filtering bogons, which are bogus IP addresses. Bogon is also an informal name for an IP packet on the public Internet that claims to be from an area of the IP address space reserved, but not yet allocated or delegated by the Internet Assigned Numbers Authority (IANA) or a delegated Regional Internet Registry (RIR). The areas of unallocated address space are called the bogon space.

Bogons are not the same as reserved private address ranges, such as those in 10.0.0.0/8172.16.0.0/12 and 192.168.0.0/16, which are reserved for private networks.[1]

Many ISPs and end-user firewalls filter and block bogons, because they have no legitimate use, and usually are the result of accidental or malicious misconfiguration. Bogons can be filtered by using router ACLs, or by BGP blackholing.

See also Generate bogons firewall chain based on routing-marks

You can use this Bogon list with your firewall config, replacing the illegal-addr address lists from the Dmitry on firewallingrules.

/ip firewall address-list
add list="BOGONS" address=0.0.0.0/8
add list="BOGONS" address=10.0.0.0/8
add list="BOGONS" address=100.64.0.0/10
add list="BOGONS" address=127.0.0.0/8
add list="BOGONS" address=169.254.0.0/16
add list="BOGONS" address=172.16.0.0/12
add list="BOGONS" address=192.0.0.0/24
add list="BOGONS" address=192.0.2.0/24
add list="BOGONS" address=192.168.0.0/16
add list="BOGONS" address=198.18.0.0/15
add list="BOGONS" address=198.51.100.0/24
add list="BOGONS" address=203.0.113.0/24
add list="BOGONS" address=224.0.0.0/4

Updated 20/07-2012 according to http://www.cymru.com/Documents/bogon-bn-agg.txt
Wikipedia links on Bogons and Multicast

3.00 avg. rating (73% score) - 1 vote

Posted Under: Linux, MikroTik, Security

About vaheeD

Leave a Reply

Your email address will not be published. Required fields are marked *

Protected by WP Anti Spam