From mboxrd@z Thu Jan 1 00:00:00 1970 From: Peter =?utf-8?q?M=C3=BCller?= To: location@lists.ipfire.org Subject: [PATCH 2/2] overrides: clarify file contents and policies Date: Fri, 06 Aug 2021 17:07:17 +0200 Message-ID: In-Reply-To: <4349f4fb-29b6-8fc4-0e96-7d94c5feb0d0@ipfire.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============5041620146815883378==" List-Id: --===============5041620146815883378== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable This patch updates the disclaimer blocks at the beginning of the override-*.txt files, to be more accurate and helpful to people wishing to propose changes to them. In addition, a remark regarding the A[1-3] country codes has been added. Signed-off-by: Peter M=C3=BCller --- overrides/override-a1.txt | 26 ++++++++++++++++---------- overrides/override-a2.txt | 20 ++++++++++++++------ overrides/override-a3.txt | 20 +++++++++++++++----- overrides/override-other.txt | 26 ++++++++++++++++++-------- 4 files changed, 63 insertions(+), 29 deletions(-) diff --git a/overrides/override-a1.txt b/overrides/override-a1.txt index 284c3e8..77d5b08 100644 --- a/overrides/override-a1.txt +++ b/overrides/override-a1.txt @@ -1,19 +1,25 @@ # # override-a1 [.txt] # -# This file contains Autonomous Systems (AS) or IP networks/adresses -# which are - in fact or with a high level of confidence - anonymous -# proxies (special country code: A1). +# This file contains Autonomous Systems and IP networks used - in fact or wi= th reasonable +# confidence - for publicly available services for forwarding traffic anonym= ously, such as +# VPN providers. # -# Since it does not make sense to assign them to a county, they -# will be flagged as "A1" in the database. +# While their country code set is preserved in libloc - unless utterly bogus= -, it does not +# actually make sense to assign these to a distinct country. Therefore, they= will be flagged +# as "anonymous proxies" in libloc query results. # -# Although we do not consider them to be bad entirely, they might -# be unwanted in certain scenarios. +# For historical reasons, parts of IPFire's web interface use "A1" as a coun= try code for them. +# This violates ISO 3166, and might be changed to a different country code i= nside a reserved +# range in the future. # -# Please note only long-living Tor relay providers with static IPs -# are listed here, as the list of all Tor relays will be dynamically -# generated by another script. +# At the moment, major Tor exit relay providers are included here as well. T= hey will be dropped +# from this file in the future, as soon as bug #11754 has been solved and a = list of Tor exit +# relays is imported dynamically while compiling the database. +# +# Improvement suggestions are appreciated, please submit them as patches to = the location mailing +# list. Refer to https://lists.ipfire.org/mailman/listinfo/location and http= s://wiki.ipfire.org/devel/contact +# for further information. # # Please keep this file sorted. # diff --git a/overrides/override-a2.txt b/overrides/override-a2.txt index 502948f..223b4df 100644 --- a/overrides/override-a2.txt +++ b/overrides/override-a2.txt @@ -1,13 +1,21 @@ # # override-a2 [.txt] # -# This file contains Autonomous Systems (AS) or IP networks/addresses -# which are - in fact or with a high level of confidence - belonging -# to satellite network providers (special country code: A2). +# This file contains Autonomous Systems and IP networks used - in fact or wi= th reasonable +# confidence - for customers or dial-in pools of satellite-based internet se= rvices. # -# Since a satellite uplink connection is possible from almost -# anywhere in the world, it does not make sense to assign them to a -# specific country. They will be flagged as "A2" in the database. +# While their country code set is preserved in libloc - unless utterly bogus= -, it does not +# actually make sense to assign these to a distinct country, since a satelli= te connection is +# possible from virtually any place in the world. Therefore, they will be fl= agged as "satellite +# providers" in libloc query results. +# +# For historical reasons, parts of IPFire's web interface use "A2" as a coun= try code for them. +# This violates ISO 3166, and might be changed to a different country code i= nside a reserved +# range in the future. +# +# Improvement suggestions are appreciated, please submit them as patches to = the location mailing +# list. Refer to https://lists.ipfire.org/mailman/listinfo/location and http= s://wiki.ipfire.org/devel/contact +# for further information. # # Please keep this file sorted. # diff --git a/overrides/override-a3.txt b/overrides/override-a3.txt index d810d93..b07d4b8 100644 --- a/overrides/override-a3.txt +++ b/overrides/override-a3.txt @@ -1,12 +1,22 @@ # # override-a3 [.txt] # -# This file contains Autonomous Systems (AS) or IP networks/addresses -# which are - in fact or with a high level of confidence - believed -# to be worldwide anycast instances (special country codes: A3). +# This file contains Autonomous Systems and IP networks used - in fact or wi= th reasonable +# confidence - for worldwide anycast services. # -# It does not make sense to assign them to a certain country, they -# will be flagged as "A3" in the database. +# While their country code set is preserved in libloc - unless utterly bogus= -, it does not +# make sense to assign these to a distinct country. Therefore, they will be = flagged as "anycast" +# in libloc query results. +# +# For historical reasons, parts of IPFire's web interface use "A3" as a coun= try code for them. +# This violates ISO 3166, and might be changed to a different country code i= nside a reserved +# range in the future. +# +# Improvement suggestions are appreciated, please submit them as patches to = the location mailing +# list. Refer to https://lists.ipfire.org/mailman/listinfo/location and http= s://wiki.ipfire.org/devel/contact +# for further information. +# +# Please keep this file sorted. # =20 aut-num: AS69 diff --git a/overrides/override-other.txt b/overrides/override-other.txt index 045b515..d232fc6 100644 --- a/overrides/override-other.txt +++ b/overrides/override-other.txt @@ -1,14 +1,24 @@ # -# override-other [.txt] +# override-a3 [.txt] # -# This file contains Autonomous Systems (AS) or IP networks/addresses -# whose country information in corresponding RIR data is believed or proven -# to be invalid or inaccurate and which do not match to one of the special c= ategories -# A[1-3]. +# This file contains Autonomous Systems and IP networks whose RIR data are b= elieved to be inaccurate, +# incomplete, or bogus on purpose and by chance. A small subset of its entri= es applies to AS descriptions, +# while the majority covers country code assignments. # -# Such networks might be legitimate (poorly maintained WHOIS data), shady -# (networks owned by letterbox companies in offshore jurisdictions) or -# hostile (faked RIR data in order to bypass location-based filtering). +# The latter are crucial due to location-based firewalling or routing. Inacc= urate country code assignments +# therefore pose a security threat to these users, especially if being set i= ntentionally to circumvent such +# filters. +# +# The term "Location" may refer to the actual, physical location of a networ= k (usually hard to enumerate +# beyond a country-level), or its jurisdiction. To the best of our knowledge= , the contents of "country"-fields +# in RIR databases were never clarified in this conext. +# +# When in doubt, the physical location of a network will be used below, espe= cially if the jurisdiction of a +# network appears to be not helpful at all, such as offshore letterbox compa= nies on the other end of the world. +# +# Improvement suggestions are appreciated, please submit them as patches to = the location mailing +# list. Refer to https://lists.ipfire.org/mailman/listinfo/location and http= s://wiki.ipfire.org/devel/contact +# for further information. # # Please keep this file sorted. # --=20 2.26.2 --===============5041620146815883378==--