X-Git-Url: http://git.ozo.com/?a=blobdiff_plain;f=bcp38%2Ffiles%2Fbcp38.config;fp=bcp38%2Ffiles%2Fbcp38.config;h=80431e580250f2baeea804036ac12d88c2b58070;hb=fd30ce0fc565a08a3091c983f6de018a42d8c344;hp=0000000000000000000000000000000000000000;hpb=0af5c75f79529e6d0e242c55fb0b17f536c19e5e;p=lede-routing%2F.git

diff --git a/bcp38/files/bcp38.config b/bcp38/files/bcp38.config
new file mode 100644
index 0000000..80431e5
--- /dev/null
+++ b/bcp38/files/bcp38.config
@@ -0,0 +1,22 @@
+config bcp38
+	option enabled 1
+	option interface 'ge00'
+	option detect_upstream 1
+	list match '127.0.0.0/8'
+	list match '0.0.0.0/8'       # RFC 1700
+	list match '240.0.0.0/4'     # RFC 5745
+	list match '192.0.2.0/24'    # RFC 5737
+	list match '198.51.100.0/24' # RFC 5737
+	list match '203.0.113.0/24'  # RFC 5737
+	list match '192.168.0.0/16'  # RFC 1918
+	list match '10.0.0.0/8'      # RFC 1918
+	list match '172.16.0.0/12'   # RFC 1918
+	list match '169.254.0.0/16'  # RFC 3927
+
+# 	list nomatch '172.26.0.0/21' # Example of something not to match
+#	There is a dhcp trigger to do this for the netmask of a 
+#	double natted connection needed
+
+#	I will argue that this level of indirection doesn't scale
+# 	very well - see how to block china as an example
+#	http://www.okean.com/china.txt