Recently we had to allow all public IP addresses through Cisco FWSM. I was googling for the list, but I wasn't able to find it. It took me approximately 2 hours to have that list compiled, and I decided to share it. Hopefully someone out there will find it useful. Here is the list. Feel free to copy paste it.
network-object 1.0.0.0 255.0.0.0
network-object 2.0.0.0 254.0.0.0
network-object 4.0.0.0 252.0.0.0
network-object 8.0.0.0 254.0.0.0
network-object 11.0.0.0 255.0.0.0
network-object 12.0.0.0 252.0.0.0
network-object 16.0.0.0 240.0.0.0
network-object 32.0.0.0 224.0.0.0
network-object 64.0.0.0 192.0.0.0
network-object 128.0.0.0 224.0.0.0
network-object 160.0.0.0 248.0.0.0
network-object 168.0.0.0 252.0.0.0
network-object 172.0.0.0 255.240.0.0
network-object 172.32.0.0 255.224.0.0
network-object 172.64.0.0 255.192.0.0
network-object 172.128.0.0 255.128.0.0
network-object 173.0.0.0 255.0.0.0
network-object 174.0.0.0 254.0.0.0
network-object 176.0.0.0 240.0.0.0
network-object 192.0.0.0 255.128.0.0
network-object 192.128.0.0 255.224.0.0
network-object 192.160.0.0 255.248.0.0
network-object 192.169.0.0 255.255.0.0
network-object 192.170.0.0 255.254.0.0
network-object 192.172.0.0 255.252.0.0
network-object 192.176.0.0 255.240.0.0
network-object 192.192.0.0 255.192.0.0
network-object 193.0.0.0 255.0.0.0
network-object 194.0.0.0 254.0.0.0
network-object 196.0.0.0 252.0.0.0
network-object 200.0.0.0 248.0.0.0
network-object 208.0.0.0 240.0.0.0
Note: Excluded ranges from the list are: 0.0.0.0/8, 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, 224.0.0.0/3. If you decide to include 0.0.0.0/8 on the list you'll save 2 lines by summarizing: 0.0.0.0/5.
Maybe for your needs you need to reconsider bogons (http://www.cymru.com/Documents/bogon-bn-agg.txt), but then this list will become much bigger.
1 comment:
Thanks!
Post a Comment