martians: overhaul
- Use the XML files instead of the CSV - Separate output in inbound and outbound tables - Add script for producing all the outputs
This commit is contained in:
parent
56b12b3023
commit
5db09725a3
17
utils/openbsd/pf-martians/generate-tables.sh
Normal file
17
utils/openbsd/pf-martians/generate-tables.sh
Normal file
@ -0,0 +1,17 @@
|
|||||||
|
#!/bin/sh
|
||||||
|
script=iana-ip-special-registry-parser.py
|
||||||
|
|
||||||
|
process_xml()
|
||||||
|
{
|
||||||
|
v=$1
|
||||||
|
dir=$2
|
||||||
|
in=iana-ip$v-special-registry.xml
|
||||||
|
out=martians-$v-${dir%bound}.txt
|
||||||
|
|
||||||
|
python3 "$script" "$dir" <"$in" >"$out"
|
||||||
|
}
|
||||||
|
|
||||||
|
process_xml v4 inbound
|
||||||
|
process_xml v4 outbound
|
||||||
|
process_xml v6 inbound
|
||||||
|
process_xml v6 outbound
|
@ -1,38 +1,101 @@
|
|||||||
#!/usr/bin/env python3
|
#!/usr/bin/env python3
|
||||||
import csv
|
import argparse
|
||||||
import re
|
from enum import Enum
|
||||||
import sys
|
import sys
|
||||||
|
import xml.sax
|
||||||
|
|
||||||
REGEX_FOOTNOTES = re.compile(r" \[\d+\]")
|
|
||||||
REGEX_WHITESPACES = re.compile(r"\s+")
|
|
||||||
|
|
||||||
def parse_iana_csv(csvfile):
|
class ParserState(Enum):
|
||||||
reader = csv.DictReader(csvfile)
|
NOOP = 0
|
||||||
for row in reader:
|
DISCARD = 1
|
||||||
fmt = ""
|
CAPTURE = 2
|
||||||
reachable = row["Globally Reachable"]
|
|
||||||
if reachable == "":
|
|
||||||
continue
|
class IPDisallowedHandler(xml.sax.ContentHandler):
|
||||||
if "False" in reachable:
|
TRANSITIONS = {
|
||||||
fmt = "{}"
|
"address": ParserState.CAPTURE,
|
||||||
elif "True" in reachable:
|
"source": ParserState.CAPTURE,
|
||||||
fmt = "!{}"
|
"destination": ParserState.CAPTURE,
|
||||||
elif "N/A" in reachable:
|
"global": ParserState.CAPTURE,
|
||||||
fmt = "#{}"
|
}
|
||||||
else:
|
|
||||||
fmt = "#[" + reachable + "]: {}"
|
def __init__(self):
|
||||||
blocks = row["Address Block"]
|
self._reset()
|
||||||
blocks = REGEX_FOOTNOTES.sub("", blocks)
|
|
||||||
blocks = REGEX_WHITESPACES.sub("", blocks)
|
def _reset(self):
|
||||||
for block in blocks.split(","):
|
self._state = ParserState.NOOP
|
||||||
print(fmt.format(block))
|
self._address = None
|
||||||
|
self._source = None
|
||||||
|
self._destination = None
|
||||||
|
self._global = None
|
||||||
|
self._content = ""
|
||||||
|
|
||||||
|
def _processElement(self, name):
|
||||||
|
pass
|
||||||
|
|
||||||
|
def startElement(self, name, attrs):
|
||||||
|
if name == "record":
|
||||||
|
self._state = ParserState.DISCARD
|
||||||
|
return
|
||||||
|
if self._state == ParserState.NOOP:
|
||||||
|
return
|
||||||
|
|
||||||
|
self._state = self.TRANSITIONS.get(name, ParserState.DISCARD)
|
||||||
|
|
||||||
|
def endElement(self, name):
|
||||||
|
if name == "record":
|
||||||
|
if self._address is not None:
|
||||||
|
self._processElement()
|
||||||
|
self._reset()
|
||||||
|
if self._state == ParserState.NOOP:
|
||||||
|
return
|
||||||
|
|
||||||
|
if self._content == "":
|
||||||
|
return
|
||||||
|
self._content = self._content.strip()
|
||||||
|
if name == "address":
|
||||||
|
self._address = self._content.split(", ")
|
||||||
|
if name == "source":
|
||||||
|
self._source = self._content == "True"
|
||||||
|
if name == "destination":
|
||||||
|
self._destination = self._content == "True"
|
||||||
|
if name == "global":
|
||||||
|
self._global = self._content == "True"
|
||||||
|
self._content = ""
|
||||||
|
self._state = ParserState.DISCARD
|
||||||
|
|
||||||
|
def characters(self, content):
|
||||||
|
if self._state != ParserState.CAPTURE:
|
||||||
|
return
|
||||||
|
self._content += content
|
||||||
|
|
||||||
|
|
||||||
|
class IPDisallowedInboundHandler(IPDisallowedHandler):
|
||||||
|
def _processElement(self):
|
||||||
|
if not self._source:
|
||||||
|
for address in self._address:
|
||||||
|
print(address)
|
||||||
|
|
||||||
|
|
||||||
|
class IPDisallowedOutboundHandler(IPDisallowedHandler):
|
||||||
|
def _processElement(self):
|
||||||
|
# Document states:
|
||||||
|
# > If the value of "Destination" is FALSE, the values of
|
||||||
|
# > "Forwardable" and "Globally Reachable" must also be false.
|
||||||
|
# So, `self._destination == False` implies `self._global ==
|
||||||
|
# False.` For this reason, it's enough to test for
|
||||||
|
# `self._global == False`.
|
||||||
|
if not self._global:
|
||||||
|
for address in self._address:
|
||||||
|
print(address)
|
||||||
|
|
||||||
if __name__ == "__main__":
|
if __name__ == "__main__":
|
||||||
def usage():
|
parser = argparse.ArgumentParser()
|
||||||
print("Usage: {}".format(sys.argv[1]), file=sys.stderr)
|
parser.add_argument("direction", choices=["inbound", "outbound"])
|
||||||
sys.exit(1)
|
args = parser.parse_args()
|
||||||
|
|
||||||
if len(sys.argv) != 1:
|
if args.direction == "inbound":
|
||||||
usage()
|
handler = IPDisallowedInboundHandler()
|
||||||
|
else:
|
||||||
parse_iana_csv(sys.stdin)
|
handler = IPDisallowedOutboundHandler()
|
||||||
|
xml.sax.parse(sys.stdin, handler)
|
||||||
|
@ -1,25 +0,0 @@
|
|||||||
Address Block,Name,RFC,Allocation Date,Termination Date,Source,Destination,Forwardable,Globally Reachable,Reserved-by-Protocol
|
|
||||||
0.0.0.0/8,"""This host on this network""","[RFC1122], Section 3.2.1.3",1981-09,N/A,True,False,False,False,True
|
|
||||||
10.0.0.0/8,Private-Use,[RFC1918],1996-02,N/A,True,True,True,False,False
|
|
||||||
100.64.0.0/10,Shared Address Space,[RFC6598],2012-04,N/A,True,True,True,False,False
|
|
||||||
127.0.0.0/8,Loopback,"[RFC1122], Section 3.2.1.3",1981-09,N/A,False [1],False [1],False [1],False [1],True
|
|
||||||
169.254.0.0/16,Link Local,[RFC3927],2005-05,N/A,True,True,False,False,True
|
|
||||||
172.16.0.0/12,Private-Use,[RFC1918],1996-02,N/A,True,True,True,False,False
|
|
||||||
192.0.0.0/24 [2],IETF Protocol Assignments,"[RFC6890], Section 2.1",2010-01,N/A,False,False,False,False,False
|
|
||||||
192.0.0.0/29,IPv4 Service Continuity Prefix,[RFC7335],2011-06,N/A,True,True,True,False,False
|
|
||||||
192.0.0.8/32,IPv4 dummy address,[RFC7600],2015-03,N/A,True,False,False,False,False
|
|
||||||
192.0.0.9/32,Port Control Protocol Anycast,[RFC7723],2015-10,N/A,True,True,True,True,False
|
|
||||||
192.0.0.10/32,Traversal Using Relays around NAT Anycast,[RFC8155],2017-02,N/A,True,True,True,True,False
|
|
||||||
"192.0.0.170/32, 192.0.0.171/32",NAT64/DNS64 Discovery,"[RFC-cheshire-sudn-ipv4only-dot-arpa-17][RFC7050], Section 2.2",2013-02,N/A,False,False,False,False,True
|
|
||||||
192.0.2.0/24,Documentation (TEST-NET-1),[RFC5737],2010-01,N/A,False,False,False,False,False
|
|
||||||
192.31.196.0/24,AS112-v4,[RFC7535],2014-12,N/A,True,True,True,True,False
|
|
||||||
192.52.193.0/24,AMT,[RFC7450],2014-12,N/A,True,True,True,True,False
|
|
||||||
192.88.99.0/24,Deprecated (6to4 Relay Anycast),[RFC7526],2001-06,2015-03,,,,,
|
|
||||||
192.168.0.0/16,Private-Use,[RFC1918],1996-02,N/A,True,True,True,False,False
|
|
||||||
192.175.48.0/24,Direct Delegation AS112 Service,[RFC7534],1996-01,N/A,True,True,True,True,False
|
|
||||||
198.18.0.0/15,Benchmarking,[RFC2544],1999-03,N/A,True,True,True,False,False
|
|
||||||
198.51.100.0/24,Documentation (TEST-NET-2),[RFC5737],2010-01,N/A,False,False,False,False,False
|
|
||||||
203.0.113.0/24,Documentation (TEST-NET-3),[RFC5737],2010-01,N/A,False,False,False,False,False
|
|
||||||
240.0.0.0/4,Reserved,"[RFC1112], Section 4",1989-08,N/A,False,False,False,False,True
|
|
||||||
255.255.255.255/32,Limited Broadcast,"[RFC8190]
|
|
||||||
[RFC919], Section 7",1984-10,N/A,False,True,False,False,True
|
|
|
359
utils/openbsd/pf-martians/iana-ipv4-special-registry.xml
Normal file
359
utils/openbsd/pf-martians/iana-ipv4-special-registry.xml
Normal file
@ -0,0 +1,359 @@
|
|||||||
|
<?xml version='1.0' encoding='UTF-8'?>
|
||||||
|
<?xml-stylesheet type="text/xsl" href="iana-ipv4-special-registry.xsl"?>
|
||||||
|
<?oxygen RNGSchema="iana-ipv4-special-registry.rng" type="xml"?>
|
||||||
|
<registry xmlns="http://www.iana.org/assignments" id="iana-ipv4-special-registry">
|
||||||
|
<title>IANA IPv4 Special-Purpose Address Registry</title>
|
||||||
|
<category>Internet Protocol version 4 (IPv4) Address Space</category>
|
||||||
|
<created>2009-08-19</created>
|
||||||
|
<updated>2020-09-04</updated>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<registry id="iana-ipv4-special-registry-1">
|
||||||
|
<title>IANA IPv4 Special-Purpose Address Registry</title>
|
||||||
|
<xref type="rfc" data="rfc5736"/>
|
||||||
|
<xref type="rfc" data="rfc6890"/>
|
||||||
|
<xref type="rfc" data="rfc8190"/>
|
||||||
|
<registration_rule>IETF Review</registration_rule>
|
||||||
|
<note>The IETF has reserved the address block of 192.0.0.0/24 for use for
|
||||||
|
special purposes relating to protocol assignments. This registry
|
||||||
|
contains the current assignments made by the IETF from this address
|
||||||
|
block.
|
||||||
|
|
||||||
|
Address prefixes listed in the Special-Purpose Address Registry are
|
||||||
|
not guaranteed routability in any particular local or global context.
|
||||||
|
|
||||||
|
The IPv4 and IPv6 Special-Purpose Address Registries maintain the
|
||||||
|
following information regarding each entry:
|
||||||
|
|
||||||
|
o Address Block - A block of IPv4 or IPv6 addresses that has been
|
||||||
|
registered for a special purpose.
|
||||||
|
|
||||||
|
o Name - A descriptive name for the special-purpose address block.
|
||||||
|
|
||||||
|
o RFC - The RFC through which the special-purpose address block was
|
||||||
|
requested.
|
||||||
|
|
||||||
|
o Allocation Date - The date upon which the special-purpose address
|
||||||
|
block was allocated.
|
||||||
|
|
||||||
|
o Termination Date - The date upon which the allocation is to be
|
||||||
|
terminated. This field is applicable for limited-use allocations
|
||||||
|
only.
|
||||||
|
|
||||||
|
o Source - A boolean value indicating whether an address from the
|
||||||
|
allocated special-purpose address block is valid when used as the
|
||||||
|
source address of an IP datagram that transits two devices.
|
||||||
|
|
||||||
|
o Destination - A boolean value indicating whether an address from
|
||||||
|
the allocated special-purpose address block is valid when used as
|
||||||
|
the destination address of an IP datagram that transits two
|
||||||
|
devices.
|
||||||
|
|
||||||
|
o Forwardable - A boolean value indicating whether a router may
|
||||||
|
forward an IP datagram whose destination address is drawn from the
|
||||||
|
allocated special-purpose address block between external
|
||||||
|
interfaces.
|
||||||
|
|
||||||
|
o Globally Reachable - A boolean value indicating whether an IP
|
||||||
|
datagram whose destination address is drawn from the allocated
|
||||||
|
special-purpose address block is forwardable beyond a specified
|
||||||
|
administrative domain.
|
||||||
|
|
||||||
|
o Reserved-by-Protocol - A boolean value indicating whether the
|
||||||
|
special-purpose address block is reserved by IP, itself. This
|
||||||
|
value is "TRUE" if the RFC that created the special-purpose
|
||||||
|
address block requires all compliant IP implementations to behave
|
||||||
|
in a special way when processing packets either to or from
|
||||||
|
addresses contained by the address block.
|
||||||
|
|
||||||
|
If the value of "Destination" is FALSE, the values of "Forwardable"
|
||||||
|
and "Globally Reachable" must also be false.
|
||||||
|
</note>
|
||||||
|
|
||||||
|
<record>
|
||||||
|
<address>0.0.0.0/8</address>
|
||||||
|
<name>"This host on this network"</name>
|
||||||
|
<spec><xref type="rfc" data="rfc1122"/>, Section 3.2.1.3</spec>
|
||||||
|
<allocation>1981-09</allocation>
|
||||||
|
<source>True</source>
|
||||||
|
<destination>False</destination>
|
||||||
|
<forwardable>False</forwardable>
|
||||||
|
<global>False</global>
|
||||||
|
<reserved>True</reserved>
|
||||||
|
</record>
|
||||||
|
|
||||||
|
<record>
|
||||||
|
<address>10.0.0.0/8</address>
|
||||||
|
<name>Private-Use</name>
|
||||||
|
<spec><xref type="rfc" data="rfc1918"/></spec>
|
||||||
|
<allocation>1996-02</allocation>
|
||||||
|
<source>True</source>
|
||||||
|
<destination>True</destination>
|
||||||
|
<forwardable>True</forwardable>
|
||||||
|
<global>False</global>
|
||||||
|
<reserved>False</reserved>
|
||||||
|
</record>
|
||||||
|
|
||||||
|
<record>
|
||||||
|
<address>100.64.0.0/10</address>
|
||||||
|
<name>Shared Address Space</name>
|
||||||
|
<spec><xref type="rfc" data="rfc6598"/></spec>
|
||||||
|
<allocation>2012-04</allocation>
|
||||||
|
<source>True</source>
|
||||||
|
<destination>True</destination>
|
||||||
|
<forwardable>True</forwardable>
|
||||||
|
<global>False</global>
|
||||||
|
<reserved>False</reserved>
|
||||||
|
</record>
|
||||||
|
|
||||||
|
<record>
|
||||||
|
<address>127.0.0.0/8</address>
|
||||||
|
<name>Loopback</name>
|
||||||
|
<spec><xref type="rfc" data="rfc1122"/>, Section 3.2.1.3</spec>
|
||||||
|
<allocation>1981-09</allocation>
|
||||||
|
<source>False <xref type="note" data="1"/></source>
|
||||||
|
<destination>False <xref type="note" data="1"/></destination>
|
||||||
|
<forwardable>False <xref type="note" data="1"/></forwardable>
|
||||||
|
<global>False <xref type="note" data="1"/></global>
|
||||||
|
<reserved>True</reserved>
|
||||||
|
</record>
|
||||||
|
|
||||||
|
<record>
|
||||||
|
<address>169.254.0.0/16</address>
|
||||||
|
<name>Link Local</name>
|
||||||
|
<spec><xref type="rfc" data="rfc3927"/></spec>
|
||||||
|
<allocation>2005-05</allocation>
|
||||||
|
<source>True</source>
|
||||||
|
<destination>True</destination>
|
||||||
|
<forwardable>False</forwardable>
|
||||||
|
<global>False</global>
|
||||||
|
<reserved>True</reserved>
|
||||||
|
</record>
|
||||||
|
|
||||||
|
<record>
|
||||||
|
<address>172.16.0.0/12</address>
|
||||||
|
<name>Private-Use</name>
|
||||||
|
<spec><xref type="rfc" data="rfc1918"/></spec>
|
||||||
|
<allocation>1996-02</allocation>
|
||||||
|
<source>True</source>
|
||||||
|
<destination>True</destination>
|
||||||
|
<forwardable>True</forwardable>
|
||||||
|
<global>False</global>
|
||||||
|
<reserved>False</reserved>
|
||||||
|
</record>
|
||||||
|
|
||||||
|
<record>
|
||||||
|
<address>192.0.0.0/24 <xref type="note" data="2"/></address>
|
||||||
|
<name>IETF Protocol Assignments</name>
|
||||||
|
<spec><xref type="rfc" data="rfc6890"/>, Section 2.1</spec>
|
||||||
|
<allocation>2010-01</allocation>
|
||||||
|
<source>False</source>
|
||||||
|
<destination>False</destination>
|
||||||
|
<forwardable>False</forwardable>
|
||||||
|
<global>False</global>
|
||||||
|
<reserved>False</reserved>
|
||||||
|
</record>
|
||||||
|
|
||||||
|
<record>
|
||||||
|
<address>192.0.0.0/29</address>
|
||||||
|
<name>IPv4 Service Continuity Prefix</name>
|
||||||
|
<spec><xref type="rfc" data="rfc7335"/></spec>
|
||||||
|
<allocation>2011-06</allocation>
|
||||||
|
<source>True</source>
|
||||||
|
<destination>True</destination>
|
||||||
|
<forwardable>True</forwardable>
|
||||||
|
<global>False</global>
|
||||||
|
<reserved>False</reserved>
|
||||||
|
</record>
|
||||||
|
|
||||||
|
<record>
|
||||||
|
<address>192.0.0.8/32</address>
|
||||||
|
<name>IPv4 dummy address</name>
|
||||||
|
<spec><xref type="rfc" data="rfc7600"/></spec>
|
||||||
|
<allocation>2015-03</allocation>
|
||||||
|
<source>True</source>
|
||||||
|
<destination>False</destination>
|
||||||
|
<forwardable>False</forwardable>
|
||||||
|
<global>False</global>
|
||||||
|
<reserved>False</reserved>
|
||||||
|
</record>
|
||||||
|
|
||||||
|
<record date="2015-10-23">
|
||||||
|
<address>192.0.0.9/32</address>
|
||||||
|
<name>Port Control Protocol Anycast</name>
|
||||||
|
<spec><xref type="rfc" data="rfc7723"/></spec>
|
||||||
|
<allocation>2015-10</allocation>
|
||||||
|
<source>True</source>
|
||||||
|
<destination>True</destination>
|
||||||
|
<forwardable>True</forwardable>
|
||||||
|
<global>True</global>
|
||||||
|
<reserved>False</reserved>
|
||||||
|
</record>
|
||||||
|
|
||||||
|
<record date="2017-02-23">
|
||||||
|
<address>192.0.0.10/32</address>
|
||||||
|
<name>Traversal Using Relays around NAT Anycast</name>
|
||||||
|
<spec><xref type="rfc" data="rfc8155"/></spec>
|
||||||
|
<allocation>2017-02</allocation>
|
||||||
|
<source>True</source>
|
||||||
|
<destination>True</destination>
|
||||||
|
<forwardable>True</forwardable>
|
||||||
|
<global>True</global>
|
||||||
|
<reserved>False</reserved>
|
||||||
|
</record>
|
||||||
|
|
||||||
|
<record>
|
||||||
|
<address>192.0.0.170/32, 192.0.0.171/32</address>
|
||||||
|
<name>NAT64/DNS64 Discovery</name>
|
||||||
|
<spec><xref type="rfc" data="rfc8880"/><xref type="rfc" data="rfc7050"/>, Section 2.2</spec>
|
||||||
|
<allocation>2013-02</allocation>
|
||||||
|
<source>False</source>
|
||||||
|
<destination>False</destination>
|
||||||
|
<forwardable>False</forwardable>
|
||||||
|
<global>False</global>
|
||||||
|
<reserved>True</reserved>
|
||||||
|
</record>
|
||||||
|
|
||||||
|
<record>
|
||||||
|
<address>192.0.2.0/24</address>
|
||||||
|
<name>Documentation (TEST-NET-1)</name>
|
||||||
|
<spec><xref type="rfc" data="rfc5737"/></spec>
|
||||||
|
<allocation>2010-01</allocation>
|
||||||
|
<source>False</source>
|
||||||
|
<destination>False</destination>
|
||||||
|
<forwardable>False</forwardable>
|
||||||
|
<global>False</global>
|
||||||
|
<reserved>False</reserved>
|
||||||
|
</record>
|
||||||
|
|
||||||
|
<record date="2014-12-17">
|
||||||
|
<address>192.31.196.0/24</address>
|
||||||
|
<name>AS112-v4</name>
|
||||||
|
<spec><xref type="rfc" data="rfc7535"/></spec>
|
||||||
|
<allocation>2014-12</allocation>
|
||||||
|
<source>True</source>
|
||||||
|
<destination>True</destination>
|
||||||
|
<forwardable>True</forwardable>
|
||||||
|
<global>True</global>
|
||||||
|
<reserved>False</reserved>
|
||||||
|
</record>
|
||||||
|
|
||||||
|
<record date="2014-12-17">
|
||||||
|
<address>192.52.193.0/24</address>
|
||||||
|
<name>AMT</name>
|
||||||
|
<spec><xref type="rfc" data="rfc7450"/></spec>
|
||||||
|
<allocation>2014-12</allocation>
|
||||||
|
<source>True</source>
|
||||||
|
<destination>True</destination>
|
||||||
|
<forwardable>True</forwardable>
|
||||||
|
<global>True</global>
|
||||||
|
<reserved>False</reserved>
|
||||||
|
</record>
|
||||||
|
|
||||||
|
<record updated="2015-03-15">
|
||||||
|
<address>192.88.99.0/24</address>
|
||||||
|
<name>Deprecated (6to4 Relay Anycast)</name>
|
||||||
|
<spec><xref type="rfc" data="rfc7526"/></spec>
|
||||||
|
<allocation>2001-06</allocation>
|
||||||
|
<termination>2015-03</termination>
|
||||||
|
<source/>
|
||||||
|
<destination/>
|
||||||
|
<forwardable/>
|
||||||
|
<global/>
|
||||||
|
<reserved/>
|
||||||
|
</record>
|
||||||
|
|
||||||
|
<record>
|
||||||
|
<address>192.168.0.0/16</address>
|
||||||
|
<name>Private-Use</name>
|
||||||
|
<spec><xref type="rfc" data="rfc1918"/></spec>
|
||||||
|
<allocation>1996-02</allocation>
|
||||||
|
<source>True</source>
|
||||||
|
<destination>True</destination>
|
||||||
|
<forwardable>True</forwardable>
|
||||||
|
<global>False</global>
|
||||||
|
<reserved>False</reserved>
|
||||||
|
</record>
|
||||||
|
|
||||||
|
<record date="2015-03-17">
|
||||||
|
<address>192.175.48.0/24</address>
|
||||||
|
<name>Direct Delegation AS112 Service</name>
|
||||||
|
<spec><xref type="rfc" data="rfc7534"/></spec>
|
||||||
|
<allocation>1996-01</allocation>
|
||||||
|
<source>True</source>
|
||||||
|
<destination>True</destination>
|
||||||
|
<forwardable>True</forwardable>
|
||||||
|
<global>True</global>
|
||||||
|
<reserved>False</reserved>
|
||||||
|
</record>
|
||||||
|
|
||||||
|
<record>
|
||||||
|
<address>198.18.0.0/15</address>
|
||||||
|
<name>Benchmarking</name>
|
||||||
|
<spec><xref type="rfc" data="rfc2544"/></spec>
|
||||||
|
<allocation>1999-03</allocation>
|
||||||
|
<source>True</source>
|
||||||
|
<destination>True</destination>
|
||||||
|
<forwardable>True</forwardable>
|
||||||
|
<global>False</global>
|
||||||
|
<reserved>False</reserved>
|
||||||
|
</record>
|
||||||
|
|
||||||
|
<record>
|
||||||
|
<address>198.51.100.0/24</address>
|
||||||
|
<name>Documentation (TEST-NET-2)</name>
|
||||||
|
<spec><xref type="rfc" data="rfc5737"/></spec>
|
||||||
|
<allocation>2010-01</allocation>
|
||||||
|
<source>False</source>
|
||||||
|
<destination>False</destination>
|
||||||
|
<forwardable>False</forwardable>
|
||||||
|
<global>False</global>
|
||||||
|
<reserved>False</reserved>
|
||||||
|
</record>
|
||||||
|
|
||||||
|
<record>
|
||||||
|
<address>203.0.113.0/24</address>
|
||||||
|
<name>Documentation (TEST-NET-3)</name>
|
||||||
|
<spec><xref type="rfc" data="rfc5737"/></spec>
|
||||||
|
<allocation>2010-01</allocation>
|
||||||
|
<source>False</source>
|
||||||
|
<destination>False</destination>
|
||||||
|
<forwardable>False</forwardable>
|
||||||
|
<global>False</global>
|
||||||
|
<reserved>False</reserved>
|
||||||
|
</record>
|
||||||
|
|
||||||
|
<record>
|
||||||
|
<address>240.0.0.0/4</address>
|
||||||
|
<name>Reserved</name>
|
||||||
|
<spec><xref type="rfc" data="rfc1112"/>, Section 4</spec>
|
||||||
|
<allocation>1989-08</allocation>
|
||||||
|
<source>False</source>
|
||||||
|
<destination>False</destination>
|
||||||
|
<forwardable>False</forwardable>
|
||||||
|
<global>False</global>
|
||||||
|
<reserved>True</reserved>
|
||||||
|
</record>
|
||||||
|
|
||||||
|
<record>
|
||||||
|
<address>255.255.255.255/32</address>
|
||||||
|
<name>Limited Broadcast</name>
|
||||||
|
<spec><xref type="rfc" data="rfc8190"/>
|
||||||
|
<xref type="rfc" data="rfc919"/>, Section 7</spec>
|
||||||
|
<allocation>1984-10</allocation>
|
||||||
|
<source>False</source>
|
||||||
|
<destination>True</destination>
|
||||||
|
<forwardable>False</forwardable>
|
||||||
|
<global>False</global>
|
||||||
|
<reserved>True</reserved>
|
||||||
|
</record>
|
||||||
|
|
||||||
|
</registry>
|
||||||
|
|
||||||
|
<footnote anchor="1">Several protocols have been granted exceptions to this rule.
|
||||||
|
For examples, see <xref type="rfc" data="rfc8029"/> and <xref type="rfc" data="rfc5884"/>.</footnote>
|
||||||
|
<footnote anchor="2">Not useable unless by virtue of a more specific reservation.</footnote>
|
||||||
|
|
||||||
|
<people/>
|
||||||
|
</registry>
|
@ -1,23 +0,0 @@
|
|||||||
Address Block,Name,RFC,Allocation Date,Termination Date,Source,Destination,Forwardable,Globally Reachable,Reserved-by-Protocol
|
|
||||||
::1/128,Loopback Address,[RFC4291],2006-02,N/A,False,False,False,False,True
|
|
||||||
::/128,Unspecified Address,[RFC4291],2006-02,N/A,True,False,False,False,True
|
|
||||||
::ffff:0:0/96,IPv4-mapped Address,[RFC4291],2006-02,N/A,False,False,False,False,True
|
|
||||||
64:ff9b::/96,IPv4-IPv6 Translat.,[RFC6052],2010-10,N/A,True,True,True,True,False
|
|
||||||
64:ff9b:1::/48,IPv4-IPv6 Translat.,[RFC8215],2017-06,N/A,True,True,True,False,False
|
|
||||||
100::/64,Discard-Only Address Block,[RFC6666],2012-06,N/A,True,True,True,False,False
|
|
||||||
2001::/23,IETF Protocol Assignments,[RFC2928],2000-09,N/A,False [1],False [1],False [1],False [1],False
|
|
||||||
2001::/32,TEREDO,"[RFC4380]
|
|
||||||
[RFC8190]",2006-01,N/A,True,True,True,N/A [2],False
|
|
||||||
2001:1::1/128,Port Control Protocol Anycast,[RFC7723],2015-10,N/A,True,True,True,True,False
|
|
||||||
2001:1::2/128,Traversal Using Relays around NAT Anycast,[RFC8155],2017-02,N/A,True,True,True,True,False
|
|
||||||
2001:2::/48,Benchmarking,[RFC5180][RFC Errata 1752],2008-04,N/A,True,True,True,False,False
|
|
||||||
2001:3::/32,AMT,[RFC7450],2014-12,N/A,True,True,True,True,False
|
|
||||||
2001:4:112::/48,AS112-v6,[RFC7535],2014-12,N/A,True,True,True,True,False
|
|
||||||
2001:10::/28,Deprecated (previously ORCHID),[RFC4843],2007-03,2014-03,,,,,
|
|
||||||
2001:20::/28,ORCHIDv2,[RFC7343],2014-07,N/A,True,True,True,True,False
|
|
||||||
2001:db8::/32,Documentation,[RFC3849],2004-07,N/A,False,False,False,False,False
|
|
||||||
2002::/16 [3],6to4,[RFC3056],2001-02,N/A,True,True,True,N/A [3],False
|
|
||||||
2620:4f:8000::/48,Direct Delegation AS112 Service,[RFC7534],2011-05,N/A,True,True,True,True,False
|
|
||||||
fc00::/7,Unique-Local,"[RFC4193]
|
|
||||||
[RFC8190]",2005-10,N/A,True,True,True,False [4],False
|
|
||||||
fe80::/10,Link-Local Unicast,[RFC4291],2006-02,N/A,True,True,False,False,True
|
|
|
323
utils/openbsd/pf-martians/iana-ipv6-special-registry.xml
Normal file
323
utils/openbsd/pf-martians/iana-ipv6-special-registry.xml
Normal file
@ -0,0 +1,323 @@
|
|||||||
|
<?xml version='1.0' encoding='UTF-8'?>
|
||||||
|
<?xml-stylesheet type="text/xsl" href="iana-ipv6-special-registry.xsl"?>
|
||||||
|
<?oxygen RNGSchema="iana-ipv6-special-registry.rng" type="xml"?>
|
||||||
|
<registry xmlns="http://www.iana.org/assignments" id="iana-ipv6-special-registry">
|
||||||
|
<title>IANA IPv6 Special-Purpose Address Registry</title>
|
||||||
|
<category>Internet Protocol version 6 (IPv6) Global Unicast Allocations</category>
|
||||||
|
<created>2006-01-10</created>
|
||||||
|
<updated>2019-09-13</updated>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<registry id="iana-ipv6-special-registry-1">
|
||||||
|
<title>IANA IPv6 Special-Purpose Address Registry</title>
|
||||||
|
<xref type="rfc" data="rfc4773"/>
|
||||||
|
<xref type="rfc" data="rfc6890"/>
|
||||||
|
<xref type="rfc" data="rfc8190"/>
|
||||||
|
<registration_rule>IETF Review</registration_rule>
|
||||||
|
<note>Address prefixes listed in the Special-Purpose Address Registry are
|
||||||
|
not guaranteed routability in any particular local or global context.
|
||||||
|
|
||||||
|
The IPv4 and IPv6 Special-Purpose Address Registries maintain the following
|
||||||
|
information regarding each entry:
|
||||||
|
|
||||||
|
o Address Block - A block of IPv4 or IPv6 addresses that has been
|
||||||
|
registered for a special purpose.
|
||||||
|
|
||||||
|
o Name - A descriptive name for the special-purpose address block.
|
||||||
|
|
||||||
|
o RFC - The RFC through which the special-purpose address block was
|
||||||
|
requested.
|
||||||
|
|
||||||
|
o Allocation Date - The date upon which the special-purpose address
|
||||||
|
block was allocated.
|
||||||
|
|
||||||
|
o Termination Date - The date upon which the allocation is to be
|
||||||
|
terminated. This field is applicable for limited-use allocations
|
||||||
|
only.
|
||||||
|
|
||||||
|
o Source - A boolean value indicating whether an address from the
|
||||||
|
allocated special-purpose address block is valid when used as the
|
||||||
|
source address of an IP datagram that transits two devices.
|
||||||
|
|
||||||
|
o Destination - A boolean value indicating whether an address from
|
||||||
|
the allocated special-purpose address block is valid when used as
|
||||||
|
the destination address of an IP datagram that transits two
|
||||||
|
devices.
|
||||||
|
|
||||||
|
o Forwardable - A boolean value indicating whether a router may
|
||||||
|
forward an IP datagram whose destination address is drawn from the
|
||||||
|
allocated special-purpose address block between external
|
||||||
|
interfaces.
|
||||||
|
|
||||||
|
o Globally Reachable - A boolean value indicating whether an IP
|
||||||
|
datagram whose destination address is drawn from the allocated
|
||||||
|
special-purpose address block is forwardable beyond a specified
|
||||||
|
administrative domain.
|
||||||
|
|
||||||
|
o Reserved-by-Protocol - A boolean value indicating whether the
|
||||||
|
special-purpose address block is reserved by IP, itself. This
|
||||||
|
value is "TRUE" if the RFC that created the special-purpose
|
||||||
|
address block requires all compliant IP implementations to behave
|
||||||
|
in a special way when processing packets either to or from
|
||||||
|
addresses contained by the address block.
|
||||||
|
|
||||||
|
If the value of "Destination" is FALSE, the values of "Forwardable" and
|
||||||
|
"Globally Reachable" must also be false.
|
||||||
|
|
||||||
|
</note>
|
||||||
|
|
||||||
|
<record>
|
||||||
|
<address>::1/128</address>
|
||||||
|
<name>Loopback Address</name>
|
||||||
|
<spec><xref type="rfc" data="rfc4291"/></spec>
|
||||||
|
<allocation>2006-02</allocation>
|
||||||
|
<source>False</source>
|
||||||
|
<destination>False</destination>
|
||||||
|
<forwardable>False</forwardable>
|
||||||
|
<global>False</global>
|
||||||
|
<reserved>True</reserved>
|
||||||
|
</record>
|
||||||
|
|
||||||
|
<record>
|
||||||
|
<address>::/128</address>
|
||||||
|
<name>Unspecified Address</name>
|
||||||
|
<spec><xref type="rfc" data="rfc4291"/></spec>
|
||||||
|
<allocation>2006-02</allocation>
|
||||||
|
<source>True</source>
|
||||||
|
<destination>False</destination>
|
||||||
|
<forwardable>False</forwardable>
|
||||||
|
<global>False</global>
|
||||||
|
<reserved>True</reserved>
|
||||||
|
</record>
|
||||||
|
|
||||||
|
<record>
|
||||||
|
<address>::ffff:0:0/96</address>
|
||||||
|
<name>IPv4-mapped Address</name>
|
||||||
|
<spec><xref type="rfc" data="rfc4291"/></spec>
|
||||||
|
<allocation>2006-02</allocation>
|
||||||
|
<source>False</source>
|
||||||
|
<destination>False</destination>
|
||||||
|
<forwardable>False</forwardable>
|
||||||
|
<global>False</global>
|
||||||
|
<reserved>True</reserved>
|
||||||
|
</record>
|
||||||
|
|
||||||
|
<record>
|
||||||
|
<address>64:ff9b::/96</address>
|
||||||
|
<name>IPv4-IPv6 Translat.</name>
|
||||||
|
<spec><xref type="rfc" data="rfc6052"/></spec>
|
||||||
|
<allocation>2010-10</allocation>
|
||||||
|
<source>True</source>
|
||||||
|
<destination>True</destination>
|
||||||
|
<forwardable>True</forwardable>
|
||||||
|
<global>True</global>
|
||||||
|
<reserved>False</reserved>
|
||||||
|
</record>
|
||||||
|
|
||||||
|
<record>
|
||||||
|
<address>64:ff9b:1::/48</address>
|
||||||
|
<name>IPv4-IPv6 Translat.</name>
|
||||||
|
<spec><xref type="rfc" data="rfc8215"/></spec>
|
||||||
|
<allocation>2017-06</allocation>
|
||||||
|
<source>True</source>
|
||||||
|
<destination>True</destination>
|
||||||
|
<forwardable>True</forwardable>
|
||||||
|
<global>False</global>
|
||||||
|
<reserved>False</reserved>
|
||||||
|
</record>
|
||||||
|
|
||||||
|
<record>
|
||||||
|
<address>100::/64</address>
|
||||||
|
<name>Discard-Only Address Block</name>
|
||||||
|
<spec><xref type="rfc" data="rfc6666"/></spec>
|
||||||
|
<allocation>2012-06</allocation>
|
||||||
|
<source>True</source>
|
||||||
|
<destination>True</destination>
|
||||||
|
<forwardable>True</forwardable>
|
||||||
|
<global>False</global>
|
||||||
|
<reserved>False</reserved>
|
||||||
|
</record>
|
||||||
|
|
||||||
|
<record>
|
||||||
|
<address>2001::/23</address>
|
||||||
|
<name>IETF Protocol Assignments</name>
|
||||||
|
<spec><xref type="rfc" data="rfc2928"/></spec>
|
||||||
|
<allocation>2000-09</allocation>
|
||||||
|
<source>False <xref type="note" data="1"/></source>
|
||||||
|
<destination>False <xref type="note" data="1"/></destination>
|
||||||
|
<forwardable>False <xref type="note" data="1"/></forwardable>
|
||||||
|
<global>False <xref type="note" data="1"/></global>
|
||||||
|
<reserved>False</reserved>
|
||||||
|
</record>
|
||||||
|
|
||||||
|
<record>
|
||||||
|
<address>2001::/32</address>
|
||||||
|
<name>TEREDO</name>
|
||||||
|
<spec><xref type="rfc" data="rfc4380"/>
|
||||||
|
<xref type="rfc" data="rfc8190"/></spec>
|
||||||
|
<allocation>2006-01</allocation>
|
||||||
|
<source>True</source>
|
||||||
|
<destination>True</destination>
|
||||||
|
<forwardable>True</forwardable>
|
||||||
|
<global>N/A <xref type="note" data="2"/></global>
|
||||||
|
<reserved>False</reserved>
|
||||||
|
</record>
|
||||||
|
|
||||||
|
<record date="2015-10-29">
|
||||||
|
<address>2001:1::1/128</address>
|
||||||
|
<name>Port Control Protocol Anycast</name>
|
||||||
|
<spec><xref type="rfc" data="rfc7723"/></spec>
|
||||||
|
<allocation>2015-10</allocation>
|
||||||
|
<source>True</source>
|
||||||
|
<destination>True</destination>
|
||||||
|
<forwardable>True</forwardable>
|
||||||
|
<global>True</global>
|
||||||
|
<reserved>False</reserved>
|
||||||
|
</record>
|
||||||
|
|
||||||
|
<record date="2017-02-23">
|
||||||
|
<address>2001:1::2/128</address>
|
||||||
|
<name>Traversal Using Relays around NAT Anycast</name>
|
||||||
|
<spec><xref type="rfc" data="rfc8155"/></spec>
|
||||||
|
<allocation>2017-02</allocation>
|
||||||
|
<source>True</source>
|
||||||
|
<destination>True</destination>
|
||||||
|
<forwardable>True</forwardable>
|
||||||
|
<global>True</global>
|
||||||
|
<reserved>False</reserved>
|
||||||
|
</record>
|
||||||
|
|
||||||
|
<record>
|
||||||
|
<address>2001:2::/48</address>
|
||||||
|
<name>Benchmarking</name>
|
||||||
|
<spec><xref type="rfc" data="rfc5180"/><xref type="rfc-errata" data="1752"/></spec>
|
||||||
|
<allocation>2008-04</allocation>
|
||||||
|
<source>True</source>
|
||||||
|
<destination>True</destination>
|
||||||
|
<forwardable>True</forwardable>
|
||||||
|
<global>False</global>
|
||||||
|
<reserved>False</reserved>
|
||||||
|
</record>
|
||||||
|
|
||||||
|
<record date="2014-12-17">
|
||||||
|
<address>2001:3::/32</address>
|
||||||
|
<name>AMT</name>
|
||||||
|
<spec><xref type="rfc" data="rfc7450"/></spec>
|
||||||
|
<allocation>2014-12</allocation>
|
||||||
|
<source>True</source>
|
||||||
|
<destination>True</destination>
|
||||||
|
<forwardable>True</forwardable>
|
||||||
|
<global>True</global>
|
||||||
|
<reserved>False</reserved>
|
||||||
|
</record>
|
||||||
|
|
||||||
|
<record date="2014-12-17">
|
||||||
|
<address>2001:4:112::/48</address>
|
||||||
|
<name>AS112-v6</name>
|
||||||
|
<spec><xref type="rfc" data="rfc7535"/></spec>
|
||||||
|
<allocation>2014-12</allocation>
|
||||||
|
<source>True</source>
|
||||||
|
<destination>True</destination>
|
||||||
|
<forwardable>True</forwardable>
|
||||||
|
<global>True</global>
|
||||||
|
<reserved>False</reserved>
|
||||||
|
</record>
|
||||||
|
|
||||||
|
<record>
|
||||||
|
<address>2001:10::/28</address>
|
||||||
|
<name>Deprecated (previously ORCHID)</name>
|
||||||
|
<spec><xref type="rfc" data="rfc4843"/></spec>
|
||||||
|
<allocation>2007-03</allocation>
|
||||||
|
<termination>2014-03</termination>
|
||||||
|
<source/>
|
||||||
|
<destination/>
|
||||||
|
<forwardable/>
|
||||||
|
<global/>
|
||||||
|
<reserved/>
|
||||||
|
</record>
|
||||||
|
|
||||||
|
<record date="2014-07-22">
|
||||||
|
<address>2001:20::/28</address>
|
||||||
|
<name>ORCHIDv2</name>
|
||||||
|
<spec><xref type="rfc" data="rfc7343"/></spec>
|
||||||
|
<allocation>2014-07</allocation>
|
||||||
|
<source>True</source>
|
||||||
|
<destination>True</destination>
|
||||||
|
<forwardable>True</forwardable>
|
||||||
|
<global>True</global>
|
||||||
|
<reserved>False</reserved>
|
||||||
|
</record>
|
||||||
|
|
||||||
|
<record>
|
||||||
|
<address>2001:db8::/32</address>
|
||||||
|
<name>Documentation</name>
|
||||||
|
<spec><xref type="rfc" data="rfc3849"/></spec>
|
||||||
|
<allocation>2004-07</allocation>
|
||||||
|
<source>False</source>
|
||||||
|
<destination>False</destination>
|
||||||
|
<forwardable>False</forwardable>
|
||||||
|
<global>False</global>
|
||||||
|
<reserved>False</reserved>
|
||||||
|
</record>
|
||||||
|
|
||||||
|
<record>
|
||||||
|
<address>2002::/16 <xref type="note" data="3"/></address>
|
||||||
|
<name>6to4</name>
|
||||||
|
<spec><xref type="rfc" data="rfc3056"/></spec>
|
||||||
|
<allocation>2001-02</allocation>
|
||||||
|
<source>True</source>
|
||||||
|
<destination>True</destination>
|
||||||
|
<forwardable>True</forwardable>
|
||||||
|
<global>N/A <xref type="note" data="3"/></global>
|
||||||
|
<reserved>False</reserved>
|
||||||
|
</record>
|
||||||
|
|
||||||
|
<record>
|
||||||
|
<address>2620:4f:8000::/48</address>
|
||||||
|
<name>Direct Delegation AS112 Service</name>
|
||||||
|
<spec><xref type="rfc" data="rfc7534"/></spec>
|
||||||
|
<allocation>2011-05</allocation>
|
||||||
|
<source>True</source>
|
||||||
|
<destination>True</destination>
|
||||||
|
<forwardable>True</forwardable>
|
||||||
|
<global>True</global>
|
||||||
|
<reserved>False</reserved>
|
||||||
|
</record>
|
||||||
|
|
||||||
|
<record>
|
||||||
|
<address>fc00::/7</address>
|
||||||
|
<name>Unique-Local</name>
|
||||||
|
<spec><xref type="rfc" data="rfc4193"/>
|
||||||
|
<xref type="rfc" data="rfc8190"/></spec>
|
||||||
|
<allocation>2005-10</allocation>
|
||||||
|
<source>True</source>
|
||||||
|
<destination>True</destination>
|
||||||
|
<forwardable>True</forwardable>
|
||||||
|
<global>False <xref type="note" data="4"/></global>
|
||||||
|
<reserved>False</reserved>
|
||||||
|
</record>
|
||||||
|
|
||||||
|
<record>
|
||||||
|
<address>fe80::/10</address>
|
||||||
|
<name>Link-Local Unicast</name>
|
||||||
|
<spec><xref type="rfc" data="rfc4291"/></spec>
|
||||||
|
<allocation>2006-02</allocation>
|
||||||
|
<source>True</source>
|
||||||
|
<destination>True</destination>
|
||||||
|
<forwardable>False</forwardable>
|
||||||
|
<global>False</global>
|
||||||
|
<reserved>True</reserved>
|
||||||
|
</record>
|
||||||
|
|
||||||
|
</registry>
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
<footnote anchor="1">Unless allowed by a more specific allocation.</footnote>
|
||||||
|
<footnote anchor="2">See Section 5 of <xref type="rfc" data="rfc4380"/> for details.</footnote>
|
||||||
|
<footnote anchor="3">See <xref type="rfc" data="rfc3056"/> for details.</footnote>
|
||||||
|
<footnote anchor="4">See <xref type="rfc" data="rfc4193"/> for more details on the routability of Unique-Local addresses. The Unique-Local prefix is
|
||||||
|
drawn from the IPv6 Global Unicast Address range, but is specified as not globally routed.</footnote>
|
||||||
|
<people/>
|
||||||
|
</registry>
|
Loading…
Reference in New Issue
Block a user