Feature #1299

closed

update /etc/bogons

Added by don mkumba almost 15 years ago. Updated almost 15 years ago.

Status: Rejected
Priority: Normal
Assignee: -
Category: -
Target version: -
Start date: 02/21/2011
% Done: 0%

Description

This is a follow-up from http://redmine.pfsense.org/issues/1297
Basically the default /etc/bogons is fairly out-of-date, so when you have built and booted up your first firewall, you might be scratching your head for a good few hours, wondering why some networks are being blocked. Then, all of a sudden, they will be allowed; that's when /etc/rc.update_bogons.sh kicks in from cron. I have learnt this the hard way.

I would like to propose the following changes:
1. most recent "bogons" to be included in next and every new release
2. /etc/bogons to be updated at boot time
3. the update script to fall back to hardcoded IP, if DNS is not available

Actions #1

Updated by Chris Buechler almost 15 years ago

  • Status changed from New to Rejected

Every release already has the latest, it updates at the completion of the setup wizard for new installs, and automatically from there. Can't hard code IPs as the location of the server is subject to change and we're not going to leave a hard coded IP to potentially be hit by thousands of hosts that don't have functional DNS. It's fine as is.

Actions #2

Updated by don mkumba almost 15 years ago

Please compare /etc/bogons in 1.2.3 LiveCD and http://files.pfsense.org/bogon-bn-nonagg.txt, massive difference. Would be good to have fairly recent bogons, from the CD, immediately after install, as not every box is connected to the net at install to get the updates, and then have to wait a few hours during which some fairly big chunks of the Internet are being blocked.
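Added example, not part of the original ticket or pfSense's own code: one way to carry out the comparison discussed above, listing the address space a stale bogon list still blocks that a current list no longer does. Both sample lists are constructed for illustration, and the function names are hypothetical.

```python
import ipaddress

# Constructed sample lists (not real allocation data). SHIPPED stands in for a
# stale /etc/bogons from install media, CURRENT for a freshly downloaded list.
SHIPPED = """
10.0.0.0/9
10.128.0.0/9
172.16.0.0/12
192.168.0.0/16
42.0.0.0/8      # constructed "formerly unallocated" entries
100.0.0.0/6
"""
CURRENT = """
10.0.0.0/8
100.64.0.0/10
172.16.0.0/12
192.168.0.0/16
"""

def parse_bogons(text):
    """One IPv4 CIDR per line; '#' comments and blank lines are ignored."""
    nets = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if line:
            nets.append(ipaddress.ip_network(line))
    # Collapse so aggregated and non-aggregated lists compare equal.
    return list(ipaddress.collapse_addresses(nets))

def stale_blocks(shipped, current):
    """Networks still blocked by `shipped` that `current` no longer lists."""
    leftover = []
    for net in shipped:
        pieces = [net]
        for cur in current:
            nxt = []
            for p in pieces:
                if p.subnet_of(cur):      # still a bogon: nothing stale here
                    continue
                if cur.subnet_of(p):      # carve the still-bogon part out
                    nxt.extend(p.address_exclude(cur))
                else:                     # disjoint: keep the piece as is
                    nxt.append(p)
            pieces = nxt
        leftover.extend(pieces)
    return list(ipaddress.collapse_addresses(leftover))

if __name__ == "__main__":
    for n in stale_blocks(parse_bogons(SHIPPED), parse_bogons(CURRENT)):
        print(f"{n}\t{n.num_addresses} addresses blocked only by the stale list")
```

An empty result means the shipped list blocks nothing beyond what the current list does.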
