From patchwork Mon Mar 19 01:35:03 2018
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: =?utf-8?q?Peter_M=C3=BCller?= <peter.mueller@link38.eu>
X-Patchwork-Id: 1706
Return-Path: <location-bounces@lists.ipfire.org>
Received: from mail01.ipfire.org (unknown [172.28.1.200])
	by web02.i.ipfire.org (Postfix) with ESMTP id 1E91A600DA
	for <patchwork@web02.i.ipfire.org>;
	Sun, 18 Mar 2018 15:41:15 +0100 (CET)
X-Virus-Scanned: ClamAV at mail01.ipfire.org
X-Spam-Flag: NO
X-Spam-Score: -0.55
X-Spam-Level: 
X-Spam-Status: No, score=-0.55 tagged_above=-999 required=5
	tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1,
	HEADER_FROM_DIFFERENT_DOMAINS=0.25, RCVD_IN_DNSWL_LOW=-0.7]
	autolearn=disabled
Received: from mail01.i.ipfire.org (localhost [IPv6:::1])
	by mail01.ipfire.org (Postfix) with ESMTP id A0C821007B63;
	Sun, 18 Mar 2018 14:41:13 +0000 (GMT)
Authentication-Results: mail01.ipfire.org;
	dkim=pass (2048-bit key) header.d=link38.eu header.i=@link38.eu
	header.b="ffWdhBn5"
X-Virus-Scanned: ClamAV at mail01.ipfire.org
Received: from mx-nbg.link38.eu (mx-nbg.link38.eu
	[IPv6:2a03:4000:6:432c:1f9e:48:ac3:199])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256
	bits)) (Client CN "mx-nbg.link38.eu",
	Issuer "Let's Encrypt Authority X3" (verified OK))
	by mail01.ipfire.org (Postfix) with ESMTPS id DF37210BA4BD
	for <location@lists.ipfire.org>; Sun, 18 Mar 2018 14:35:13 +0000 (GMT)
Authentication-Results: mail01.ipfire.org;
	dmarc=pass (p=none dis=none) header.from=link38.eu
Authentication-Results: mail01.ipfire.org;
	spf=pass smtp.mailfrom=peter.mueller@link38.eu
X-Virus-Scanned: ClamAV at mx-nbg.link38.eu
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=link38.eu; s=201711;
	t=1521383703; x=1523975703;
	bh=6L3d2QIXrTLzBo23EUFR+fgYUL14PqSSFa44oUbfXow=;
	h=Date:From:To:Subject:Message-ID:Content-Type:From:To:Subject:Date:
	Cc;
	b=ffWdhBn5MZgYwLS1J4e8R0YswIUxLbmh/PSjvv8rhQAXWLc2emI5KJenXd60PVXTH
	PBia786UoHmGKKLjtoyEQ6sPiHgjNSZaCQrpUmwkcOVME3/6haaMwU9dWxbk+RF5pf
	1hnSJnYFCoFg7UrC87SZbVYiQi4aDcReAMw0Ypfd6LPujgbbC+CJ9jPvLLTC1ddNNg
	l4DamX3mPBGj8B1qqgHcSADDSKF6hd5ACInl9jzMxymWJGz1g6VNOzmxex9UQGFAEp
	nf2Z5X2UZDHTKeE7QD4Oln0/0zkClGDZaUBGLXTnjUlojQLppAVNRahIN+4mQ3T2MK
	wFUA8XSsvw7cg==
Date: Sun, 18 Mar 2018 15:35:03 +0100
From: Peter =?utf-8?q?M=C3=BCller?= <peter.mueller@link38.eu>
To: "location@lists.ipfire.org" <location@lists.ipfire.org>
Subject: [PATCH] add networks to overrides-other which must not be added
Message-ID: <20180318153503.59271443.peter.mueller@link38.eu>
MIME-Version: 1.0
X-BeenThere: location@lists.ipfire.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <location.lists.ipfire.org>
List-Unsubscribe: <https://lists.ipfire.org/mailman/options/location>,
	<mailto:location-request@lists.ipfire.org?subject=unsubscribe>
List-Archive: <https://lists.ipfire.org/pipermail/location/>
List-Post: <mailto:location@lists.ipfire.org>
List-Help: <mailto:location-request@lists.ipfire.org?subject=help>
List-Subscribe: <https://lists.ipfire.org/mailman/listinfo/location>,
	<mailto:location-request@lists.ipfire.org?subject=subscribe>
Errors-To: location-bounces@lists.ipfire.org
Sender: "Location" <location-bounces@lists.ipfire.org>

These networks are covered for special use by some RFCs
and must not be added to the database.

Signed-off-by: Peter Müller <peter.mueller@link38.eu>
---
 country-overrides/override-other.txt | 56 ++++++++++++++++++++++++++++++++++++
 1 file changed, 56 insertions(+)

diff --git a/country-overrides/override-other.txt b/country-overrides/override-other.txt
index d7ba5b9..1a83829 100644
--- a/country-overrides/override-other.txt
+++ b/country-overrides/override-other.txt
@@ -10,3 +10,59 @@
 # or hostile (faked WHOIS data in order to bypass country filtering or
 # to hide the owners' identity).
 #
+# Further, some networks (such as RFC1918 addresses) must not be
+# added to the database since it does not make sense to do so.
+#
+
+# never add private address blocks (RFC1918)
+net:		10.0.0.0/8
+descr:		RFC1918 private address block
+remarks:	must not be added to the database
+newcountry:
+
+net:		172.16.0.0/12
+descr:		RFC1918 private address block
+remarks:	must not be added to the database
+newcountry:
+
+net:	 	192.168.0.0/16
+descr:		RFC1918 private address block
+remarks:	must not be added to the database
+newcountry:
+
+# never add other special address blocks
+net:		0.0.0.0/8
+descr:		RFC3232 current network alias
+remarks:	must not be added to the database
+newcountry:
+
+net:		100.64.0.0/10
+descr:		RFC6598 provider CNAT network
+remarks:	must not be added to the database
+newcountry:
+
+net:		127.0.0.0/8
+descr:		RFC3330 localnet
+remarks:	must not be added to the database
+newcountry:
+
+net:		169.254.0.0/16
+descr:		RFC5735 link-local address block
+remarks:	must not be added to the database
+newcountry:
+
+net:		224.0.0.0/4
+descr:		RFC3171 multicast network
+remarks:	must not be added to the database
+newcountry:
+
+net:		::/128
+descr:		IPv6 address which must not assigned anywhere
+remarks:	must not be added to the database
+newcountry:
+
+net:		::1/128
+descr:		IPv6 localhost address
+remarks:	must not be added to the database
+newcountry:
+