firewall: Allow traffic from multicast networks

The multicast network segment 224.0.0.0/4 is used for a lot of
different services provided by the local ISP's. (IPTV etc.)

We have to allow traffic from this networks when using one of
the BOGON blocklists in order to get those ISP services still
accessable.

https://www.iana.org/assignments/multicast-addresses/multicast-addresses.xhtml

Fixes 13092.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>

diff --git a/config/firewall/rules.pl b/config/firewall/rules.pl
index 6c08feb86391a0a3a6456a8dfa105fba33e7f01e..7edb910e2d6e649396c38071380f796112d9e013 100644 (file)
--- a/config/firewall/rules.pl
+++ b/config/firewall/rules.pl
@@ -55,6 +55,7 @@ my @PRIVATE_NETWORKS = (
        "172.16.0.0/12",
        "192.168.0.0/16",
        "100.64.0.0/10",
+       "224.0.0.0/4",
 );
 
 # MARK masks