ISDB Bogon IPv4 Address Object

johnlloyd_13 · ‎12-17-2024

hi,

i'm trying to create a FW policy in FMG to block "bogon" ipv4.

i just saw RFC1918 address FW address object but there's none for "bogon".

does fortinet considering to add these address space in a group/address object in future upgrade?

can someone also confirm these are true bogon IP ranges? just want to ensure i don't block "legit" traffic/range.

IPv4 Bogon Ranges
Netblock Description

0.0.0.0/8 "This" network

10.0.0.0/8 Private-use networks

100.64.0.0/10 Carrier-grade NAT
127.0.0.0/8 Loopback
127.0.53.53 Name collision occurrence
169.254.0.0/16 Link local

172.16.0.0/12 Private-use networks

192.0.0.0/24 IETF protocol assignments
192.0.2.0/24 TEST-NET-1

192.168.0.0/16 Private-use networks

198.18.0.0/15 Network interconnect device benchmark testing
198.51.100.0/24 TEST-NET-2
203.0.113.0/24 TEST-NET-3
224.0.0.0/4 Multicast

dingjerry_FTNT · ‎12-17-2024

Hi @johnlloyd_13 ,

First of all, we need to understand:

What is a bogon address?

“Bogon” is an informal name for an IP packet on the public Internet that claims to be from an area of the IP address space reserved, but not yet allocated or delegated by the Internet Assigned Numbers Authority (IANA) or a delegated Regional Internet Registry (RIR). The areas of unallocated address space are called “bogon space”.

So Fortinet is not the authority to confirm what the bogon spaces are. You have to contact IANA or RIR.

You may also use this form to request to add a Bogon space ISDB object:

https://www.fortiguard.com/faq/isdb-contact

Regards,

Jerry

ISDB Bogon IPv4 Address Object

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website