]> git.ipfire.org Git - ipfire-2.x.git/commit
projects / ipfire-2.x.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 642557e) | patch
firewall: Filter only on RED and exclude any private address space
authorMichael Tremer <michael.tremer@ipfire.org>
Wed, 14 Oct 2020 10:32:05 +0000 (11:32 +0100)
committerMichael Tremer <michael.tremer@ipfire.org>
Wed, 14 Oct 2020 10:32:05 +0000 (11:32 +0100)
commitc69c820025c21713cdb77eae3dd4fa61ca71b5fb
treebe97739f755b6b385bf87518152f724f7b8664fbtree | snapshot
parent642557e23ba6c1bcab7e654569a35a5f4e6e8acccommit | diff
firewall: Filter only on RED and exclude any private address space

Since libloc is built as a tree we cannot simply exclude any address
space in the middle of it. Therefore we create some firewall rules
which simply avoid checking non-globally routable address space.

Fixes: #12499
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
config/firewall/rules.pl diff | blob | blame | history
config/rootfiles/core/151/filelists/files diff | blob | blame | history
IPFire 2.x development tree