Commit 38072abc authored by Bob Mottram's avatar Bob Mottram

Drop spoofed packets

parent 3652cc5c
...@@ -466,4 +466,20 @@ function firewall_unblock_domain { ...@@ -466,4 +466,20 @@ function firewall_unblock_domain {
fi fi
} }
function firewall_drop_spoofed_packets {
if [[ $(is_completed $FUNCNAME) == "1" ]]; then
return
fi
iptables -t mangle -A PREROUTING -s 224.0.0.0/3 -j DROP
iptables -t mangle -A PREROUTING -s 169.254.0.0/16 -j DROP
iptables -t mangle -A PREROUTING -s 172.16.0.0/12 -j DROP
iptables -t mangle -A PREROUTING -s 192.0.2.0/24 -j DROP
iptables -t mangle -A PREROUTING -s 10.0.0.0/8 -j DROP
iptables -t mangle -A PREROUTING -s 240.0.0.0/5 -j DROP
iptables -t mangle -A PREROUTING -s 127.0.0.0/8 ! -i lo -j DROP
function_check save_firewall_settings
save_firewall_settings
mark_completed $FUNCNAME
}
# NOTE: deliberately no exit 0 # NOTE: deliberately no exit 0
...@@ -564,6 +564,9 @@ function setup_firewall { ...@@ -564,6 +564,9 @@ function setup_firewall {
function_check firewall_drop_telnet function_check firewall_drop_telnet
firewall_drop_telnet firewall_drop_telnet
function_check firewall_drop_spoofed_packets
firewall_drop_spoofed_packets
function_check configure_firewall_for_dns function_check configure_firewall_for_dns
configure_firewall_for_dns configure_firewall_for_dns
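Review bot: The private-range rules in firewall_drop_spoofed_packets (`-s 10.0.0.0/8` and `-s 172.16.0.0/12`) carry no `-i` match, so they drop those sources on every interface rather than only on the internet-facing one. If the server is deployed on a LAN addressed from either range, or is reached through a VPN or container bridge that uses them, all local clients are cut off, SSH included, and because `save_firewall_settings` and `mark_completed $FUNCNAME` run straight afterwards the lockout presumably persists. I would restrict these rules to the external interface or skip any range that overlaps the host's own subnet, and add a comment such as `# 192.168.0.0/16 is deliberately not dropped: it is the expected LAN range` so the omission reads as intentional. Separately, `240.0.0.0/5` lies entirely inside `224.0.0.0/3`, so that rule can never match and can be removed.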