Potential regex bug with IPv4 Bogon parsing

  • We received a complaint from another ISP claiming we were blocking their range. The range in question is

    A look at the Firewall logs revealed a surprise: it was being blocked because it was on the list of Bogon networks. I couldn't believe it, so I looked at the list of Bogons myself, but I couldn't find a CIDR that would match. I'm referring to the list that pfSense updates from, found here:


    I had to temporarily disable Bogon filtering in the Rules section, to allow this ISP's customers to reach machines behind our firewall.

    Is this a bug in how pfSense Bogons are parsed? There's a range in there that's close:
    Is it possible a parsing bug associates the ISP's range with this Bogon network above?

    I didn't want to submit a full bug report before confirming it here first, on the forum.


  • LAYER 8 Global Moderator

    I don't see how that could happen. If you go under diag, tables, you can look at the bogon table - what is in there? I don't see this 185.149 - you sure that was his IP he was coming from? You saw it in the logs for blocked bogons?

  • Rebel Alliance Developer Netgate

    Your local copy of that file may be out of date. Check Diagnostics > Tables, and pick bogons there. Click the update button to refresh your local copy.
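
The check suggested in the replies above, as an added example that is not part of the original thread or pfSense's own code: it compares a dump of the firewall's local bogons table with a fresh copy of the published list and reports which entries cover the complained-about range. The function names, the one-CIDR-per-line input format and the sample prefixes (documentation ranges) are assumptions constructed for illustration.

```python
import ipaddress

def covering_entries(target, table_lines):
    """Return the CIDRs (as strings) in table_lines that overlap target."""
    net = ipaddress.ip_network(target, strict=False)
    hits = []
    for line in table_lines:
        entry = line.split("#", 1)[0].strip()   # drop comments and blanks
        if not entry:
            continue
        try:
            cand = ipaddress.ip_network(entry, strict=False)
        except ValueError:
            continue                            # skip malformed lines
        if cand.version == net.version and cand.overlaps(net):
            hits.append(str(cand))
    return hits

def diagnose(target, local_lines, upstream_lines):
    """Classify why target is (or is not) matched by the bogons table."""
    local = covering_entries(target, local_lines)
    upstream = covering_entries(target, upstream_lines)
    if local and not upstream:
        return "stale-local-copy", local        # refresh the local table
    if upstream:
        return "listed-upstream", upstream      # the published list covers it
    return "not-bogon", []                      # look for another block rule

# Constructed sample data: a stale local table dump and a fresh list.
LOCAL_TABLE = [
    "# local bogons table (constructed sample)",
    "192.0.2.0/24",
    "203.0.113.0/24",
]
UPSTREAM_LIST = [
    "# published list (constructed sample)",
    "192.0.2.0/24",
]

if __name__ == "__main__":
    for target in ("203.0.113.64/26", "192.0.2.10/32", "198.51.100.0/24"):
        print(target, diagnose(target, LOCAL_TABLE, UPSTREAM_LIST))
```

A `stale-local-copy` result matches the situation described in the last reply: the blocking entry exists only in the firewall's local table and disappears once the table is updated.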
