
filter language


        # filter out prefixes longer than 24 or shorter than 8 bits
        deny from any
        allow from any prefixlen 8 - 24

        # do not accept a default route
        deny from any prefix 0.0.0.0/0

        # filter bogus networks
        deny from any prefix 10.0.0.0/8 prefixlen >= 8
        deny from any prefix 172.16.0.0/12 prefixlen >= 12
        deny from any prefix { 192.168.0.0/16 169.254.0.0/16 } \ 
                prefixlen >= 16
        deny from any prefix 192.0.2.0/24 prefixlen >= 24
        deny from any prefix { 224.0.0.0/4 240.0.0.0/4 } prefixlen >= 4

