Hmmm... Strange that I see : --- firehol-1.231.orig/firehol-lib.sh +++ firehol-1.231/firehol-lib.sh @@ -284,7 +284,7 @@ # Optimized (CIDR) by Marc 'HE' Brockschmidt <[EMAIL PROTECTED]> # Further optimized and reduced by http://www.vergenet.net/linux/aggregate/ # The supplied get-iana.sh uses 'aggregate-flim' if it finds it in the path. -RESERVED_IPS="0.0.0.0/7 2.0.0.0/8 5.0.0.0/8 7.0.0.0/8 23.0.0.0/8 27.0.0.0/8 31.0.0.0/8 36.0.0.0/7 39.0.0.0/8 41.0.0.0/8 42.0.0.0/8 73.0.0.0/8 74.0.0.0/7 76.0.0.0/6 89.0.0.0/8 90.0.0.0/7 92.0.0.0/6 96.0.0.0/3 173.0.0.0/8 174.0.0.0/7 176.0.0.0/5 184.0.0.0/6 189.0.0. 0/8 190.0.0.0/8 197.0.0.0/8 223.0.0.0/8 240.0.0.0/4" +RESERVED_IPS="0.0.0.0/7 2.0.0.0/8 5.0.0.0/8 7.0.0.0/8 23.0.0.0/8 27.0.0.0/8 31.0.0.0/8 36.0.0.0/7 39.0.0.0/8 42.0.0.0/8 77.0.0.0/8 78.0.0.0/7 92.0.0.0/6 96.0.0.0/4 112.0.0.0/5 120.0.0.0/8 127.0.0.0/8 173.0.0.0/8 174.0.0.0/7 176.0.0.0/5 184.0.0.0/6 197.0.0.0/8 223. 0.0.0/8 240.0.0.0/4 "
in the Debian patch (http://ftp.de.debian.org/debian/pool/main/f/firehol/firehol_1.231-7.diff.gz) Why this patch added 77.0.0.0/8 to the upstream definitions for that old version whereas such class is currently no longer reserved, I don't know... Anyway, there are other changes, and I'm not aware of any back and forth on IANA side, so I don't know what's best. I think that having the most up to date list on production (stable distro) servers would be great... hence volatile ? (see #455754) Hope this helps, -- Olivier BERGER <[EMAIL PROTECTED]> (ATTENTION : new address) Ingénieur Recherche - Dept INF GET/INT at Evry (http://www.int-edu.eu/) OpenPGP-Id: 1024D/6B829EEC
