Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
sub geoipblock {
# Flush iptables chain.
- run("$IPTABLES -F GEOIPBLOCK");
+ run("$IPTABLES -F LOCATIONBLOCK");
# If geoip blocking is not enabled, we are finished here.
if ($geoipsettings{'GEOIPBLOCK_ENABLED'} ne "on") {
# is enabled.
foreach my $location (@locations) {
if(exists $geoipsettings{$location} && $geoipsettings{$location} eq "on") {
- run("$IPTABLES -A GEOIPBLOCK -m geoip --src-cc $location -j DROP");
+ run("$IPTABLES -A LOCATIONBLOCK -m geoip --src-cc $location -j DROP");
}
}
}
iptables -A OUTPUT -o "${BLUE_DEV}" -j DHCPBLUEOUTPUT
fi
- # GeoIP block
- iptables -N GEOIPBLOCK
- iptables -A INPUT -j GEOIPBLOCK
- iptables -A FORWARD -j GEOIPBLOCK
+ # Location Block
+ iptables -N LOCATIONBLOCK
+ iptables -A INPUT -j LOCATIONBLOCK
+ iptables -A FORWARD -j LOCATIONBLOCK
# trafic from ipsecX/TUN/TAP interfaces, before "-i GREEN_DEV" accept everything
iptables -N IPSECINPUT