diff --git a/src/freedombone-utils-firewall b/src/freedombone-utils-firewall
index 8d435ff3a749aabd85ca89e1632c2d48abae6be8..481b6158a77c68b9477315fcc9b603b5e4747fcb 100755
--- a/src/freedombone-utils-firewall
+++ b/src/freedombone-utils-firewall
@@ -466,4 +466,20 @@ function firewall_unblock_domain {
 fi
 }
 
+function firewall_drop_spoofed_packets {
+ if [[ $(is_completed $FUNCNAME) == "1" ]]; then
+ return
+ fi
+ iptables -t mangle -A PREROUTING -s 224.0.0.0/3 -j DROP
+ iptables -t mangle -A PREROUTING -s 169.254.0.0/16 -j DROP
+ iptables -t mangle -A PREROUTING -s 172.16.0.0/12 -j DROP
+ iptables -t mangle -A PREROUTING -s 192.0.2.0/24 -j DROP
+ iptables -t mangle -A PREROUTING -s 10.0.0.0/8 -j DROP
+ iptables -t mangle -A PREROUTING -s 240.0.0.0/5 -j DROP
+ iptables -t mangle -A PREROUTING -s 127.0.0.0/8 ! -i lo -j DROP
+ function_check save_firewall_settings
+ save_firewall_settings
+ mark_completed $FUNCNAME
+}
+
 # NOTE: deliberately no exit 0
diff --git a/src/freedombone-utils-setup b/src/freedombone-utils-setup
index 91eeca3e28c4b759c00b80af2499e714fe1ed4af..b4778161d97776a8a63426efdedd01f3d7505f3d 100755
--- a/src/freedombone-utils-setup
+++ b/src/freedombone-utils-setup
@@ -564,6 +564,9 @@ function setup_firewall {
 function_check firewall_drop_telnet
 firewall_drop_telnet
 
+ function_check firewall_drop_spoofed_packets
+ firewall_drop_spoofed_packets
+
 function_check configure_firewall_for_dns
 configure_firewall_for_dns
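Review bot: The `-s 10.0.0.0/8` and `-s 172.16.0.0/12` rules in `firewall_drop_spoofed_packets` carry no `-i` match, so they drop those sources on every interface. If the box itself sits on a LAN in one of those ranges (not visible from this hunk), its own clients and gateway would be cut off, including an administrator's remote session. Only the loopback rule is interface-scoped; the private-range rules should be limited the same way, e.g. `iptables -t mangle -A PREROUTING -i <EXTERNAL_IFACE> -s 10.0.0.0/8 -j DROP` with the placeholder replaced by the internet-facing interface, or the range holding the host's own address should be skipped. `240.0.0.0/5` is already contained in `224.0.0.0/3`, which is appended first, so that rule never matches and can be removed. `mark_completed $FUNCNAME` also runs when an `iptables` call fails, so a partial rule set would be recorded as done; checking the exit status before marking would avoid that.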