Mailinglist Archive: opensuse-security (511 mails)
| < Previous | Next > |
Re: [suse-security] SuSEfirewall2: are these IPs private or not?
- From: Steffen Dettmer <steffen@xxxxxxx>
- Date: Tue, 28 Aug 2001 21:30:26 +0200
- Message-id: <20010828213026.D31318@xxxxxxxxx>
* Thomas Nowak wrote on Tue, Aug 28, 2001 at 09:47 +0200:
> Dieter Huerten wrote:
> > > 10.0.0.0 - 10.255.255.255 (10/8 prefix)
> > > 172.16.0.0 - 172.31.255.255 (172.16/12 prefix)
> > > 192.168.0.0 - 192.168.255.255 (192.168/16 prefix)
> echo "$PART1" | $GREP -Eq '^10\.|^172\.1|^192\.168\.' || {
> echo "Warning: The network $DEV_IP you want to masquerade is not from a private
> network"
> echo ' e.g. 10.0.0.0/8, 172.16.0.0/11 or 192.168.0.0/16 - change this!'
> }
> So he looks only if the address begin with 172.1*
> not very RFC konform :-)
should be changed. Well, I have no nice idea about a real cool
regex, but:
echo "$PART1" | $GREP -Eq \
'^10\.|^172\.(16|17|18|19|2.|30|31)\.|^192\.168\.' ....
should work. Improvements?
oki,
Steffen
--
Dieses Schreiben wurde maschinell erstellt,
es trägt daher weder Unterschrift noch Siegel.
> Dieter Huerten wrote:
> > > 10.0.0.0 - 10.255.255.255 (10/8 prefix)
> > > 172.16.0.0 - 172.31.255.255 (172.16/12 prefix)
> > > 192.168.0.0 - 192.168.255.255 (192.168/16 prefix)
> echo "$PART1" | $GREP -Eq '^10\.|^172\.1|^192\.168\.' || {
> echo "Warning: The network $DEV_IP you want to masquerade is not from a private
> network"
> echo ' e.g. 10.0.0.0/8, 172.16.0.0/11 or 192.168.0.0/16 - change this!'
> }
> So he looks only if the address begin with 172.1*
> not very RFC konform :-)
should be changed. Well, I have no nice idea about a real cool
regex, but:
echo "$PART1" | $GREP -Eq \
'^10\.|^172\.(16|17|18|19|2.|30|31)\.|^192\.168\.' ....
should work. Improvements?
oki,
Steffen
--
Dieses Schreiben wurde maschinell erstellt,
es trägt daher weder Unterschrift noch Siegel.
| < Previous | Next > |