<![CDATA[Block private & bogon networks]]>Hello!

I have a 6 NIC box, with 3 LAN and 3 WAN. The options [Block private networks] & [Block bogon networks] appear only on the first WAN interface of pfSense.

If I want to filter private & bogon networks at my 3 WAN …

Must I to define an [Aliases] for private & bogon networks and put blocking rules at my 3 WAN ?

Is it correct ?

Note: I have an snort machine at the LAN side and sometimes it detects some packets from private & bogons networks.

Regards,

Josep Pujadas

]]>https://forum.netgate.com/topic/4598/block-private-bogon-networksRSS for NodeMon, 09 Mar 2026 09:28:13 GMTThu, 17 May 2007 07:19:43 GMT60<![CDATA[Reply to Block private & bogon networks on Fri, 18 May 2007 16:17:14 GMT]]>Ok!

Thanks, Cry

]]>https://forum.netgate.com/post/155155https://forum.netgate.com/post/155155Fri, 18 May 2007 16:17:14 GMT<![CDATA[Reply to Block private & bogon networks on Fri, 18 May 2007 13:54:09 GMT]]>A number of ISPs use RFC1918 addresses internally - certainly my initial DHCP lease comes from a 10.x address and parts of my traceroute to the Internet go through various RFC1918 addresses.  Also, many cable and ADSL modems have an RFC1918 configuration address.

In short - I'm not surprised by what you're seeing.

]]>https://forum.netgate.com/post/155149https://forum.netgate.com/post/155149Fri, 18 May 2007 13:54:09 GMT<![CDATA[Reply to Block private & bogon networks on Thu, 17 May 2007 19:02:46 GMT]]>Yes, of course …

But sometimes I see things like these:

Generated by BASE v1.3.5 (marie) on Thu, 17 May 2007 20:58:05 +0200

#1-59854| [2007-05-16 11:53:48] 10.2.44.1 -> 192.168.XXX.XXX [local/485] [snort/1:485]  ICMP Destination Unreachable Communication Administratively Prohibited
#1-59855| [2007-05-16 11:53:51] 10.2.44.1 -> 192.168.XXX.XXX [local/485] [snort/1:485]  ICMP Destination Unreachable Communication Administratively Prohibited
#1-59856| [2007-05-16 11:53:54] 10.2.44.1 -> 192.168.XXX.XXX [local/485] [snort/1:485]  ICMP Destination Unreachable Communication Administratively Prohibited
#1-59858| [2007-05-16 11:53:57] 10.2.44.1 -> 192.168.XXX.XXX [local/485] [snort/1:485]  ICMP Destination Unreachable Communication Administratively Prohibited
#1-59859| [2007-05-16 11:54:03] 10.2.44.1 -> 192.168.XXX.XXX [local/485] [snort/1:485]  ICMP Destination Unreachable Communication Administratively Prohibited
#1-59861| [2007-05-16 11:54:15] 10.2.44.1 -> 192.168.XXX.XXX [local/485] [snort/1:485]  ICMP Destination Unreachable Communication Administratively Prohibited

and if I made (with one of my FreeBSD servers at LAN side):

nmap -v -P0 10.2.44.1

10.2.44.1 has no ports opened but it is alive !!!

Regards,

Josep Pujadas

]]>https://forum.netgate.com/post/155128https://forum.netgate.com/post/155128Thu, 17 May 2007 19:02:46 GMT<![CDATA[Reply to Block private & bogon networks on Thu, 17 May 2007 18:04:32 GMT]]>I'd hope you're using "private" (RFC1918) addresses on your LAN, unless of course you've been allocated a netblock of your own…

]]>https://forum.netgate.com/post/155122https://forum.netgate.com/post/155122Thu, 17 May 2007 18:04:32 GMT