Mailinglist Archive: opensuse-security (511 mails)
| < Previous | Next > |
Re: [suse-security] SuSEfirewall2: are these IPs private or not?
- From: Dieter Huerten <dieter.huerten@xxxxxxxxxx>
- Date: Tue, 28 Aug 2001 00:00:42 +0200
- Message-id: <3B8AC30A.39A824C0@xxxxxxxxxx>
Hi all!!
Sorry to step in here (without being asked -- hehe!)
IMHO we miss the point ?-(
ALL answers are correct [more or less -- no flames!], but doesn't answer
his question!
Florian Pressler wrote:
> Hi!
>
> In RFC1918, I found this:
>
> The Internet Assigned Numbers Authority (IANA) has reserved the
> following three blocks of the IP address space for private internets.
> 10.0.0.0 - 10.255.255.255 (10/8 prefix)
> 172.16.0.0 - 172.31.255.255 (172.16/12 prefix)
> 192.168.0.0 - 192.168.255.255 (192.168/16 prefix)
>
> I decides to assign the following IPs to the hosts in my LAN:
> 172.20.30.40/29, i.e 172.20.30.41 - 172.20.30.46.
IMHO good (/acceptable) decision ;-)
> When I start SuSEfirewall2, there appears an errormessage:
> The network 172.20.30.40/29 you want to masquerade is not from a
> private network. Change this!
>
> Is this an error of SuSEfirwall2, or do I misunderstand something
> completely?
If I read Florian's posting right, it's not the question if/if not take
these address and/or if it's 'free address space' nor it's a CIDR/other routing problem!
(Maybe I'm wrong!?!)
Said this, for me the question/answer is quite interesting:
--> WHY does SuSEfirewall2 assume, that THIS ADDRESS isn't from a private network???
My apologies for I didn't use SuSEfirewall2 at the moment, maybe Florian has to give
more informations, maybe the answer could only be given by the 'firewall-gurus' or the
author of the script -- but I'm really wondering why this errormessage appears!
Any explanation _greatly_ appreciated!
--
best greetings from
Solingen /GERMANY
Dieter Hürten
Sorry to step in here (without being asked -- hehe!)
IMHO we miss the point ?-(
ALL answers are correct [more or less -- no flames!], but doesn't answer
his question!
Florian Pressler wrote:
> Hi!
>
> In RFC1918, I found this:
>
> The Internet Assigned Numbers Authority (IANA) has reserved the
> following three blocks of the IP address space for private internets.
> 10.0.0.0 - 10.255.255.255 (10/8 prefix)
> 172.16.0.0 - 172.31.255.255 (172.16/12 prefix)
> 192.168.0.0 - 192.168.255.255 (192.168/16 prefix)
>
> I decides to assign the following IPs to the hosts in my LAN:
> 172.20.30.40/29, i.e 172.20.30.41 - 172.20.30.46.
IMHO good (/acceptable) decision ;-)
> When I start SuSEfirewall2, there appears an errormessage:
> The network 172.20.30.40/29 you want to masquerade is not from a
> private network. Change this!
>
> Is this an error of SuSEfirwall2, or do I misunderstand something
> completely?
If I read Florian's posting right, it's not the question if/if not take
these address and/or if it's 'free address space' nor it's a CIDR/other routing problem!
(Maybe I'm wrong!?!)
Said this, for me the question/answer is quite interesting:
--> WHY does SuSEfirewall2 assume, that THIS ADDRESS isn't from a private network???
My apologies for I didn't use SuSEfirewall2 at the moment, maybe Florian has to give
more informations, maybe the answer could only be given by the 'firewall-gurus' or the
author of the script -- but I'm really wondering why this errormessage appears!
Any explanation _greatly_ appreciated!
--
best greetings from
Solingen /GERMANY
Dieter Hürten
| < Previous | Next > |