From 95453f82056cdf9eecd6967ff9a98ad28132538f Mon Sep 17 00:00:00 2001
From: Bob Mottram <bob@freedombone.net>
Date: Sat, 5 May 2018 15:48:12 +0100
Subject: [PATCH] Block firefox telemetry

---
 src/freedombone-utils-firewall | 16 ++++++++++++++++
 src/freedombone-utils-setup    |  3 +++
 2 files changed, 19 insertions(+)

diff --git a/src/freedombone-utils-firewall b/src/freedombone-utils-firewall
index 06d2f98e2..ba302a357 100755
--- a/src/freedombone-utils-firewall
+++ b/src/freedombone-utils-firewall
@@ -47,6 +47,22 @@ function save_firewall_settings {
     fi
 }
 
+function block_firefox_telemetry {
+    # This shouldn't be needed on a server, but we'll do it anyway
+    # to be on the safe side
+    # Within firefox source code see submit_telemetry_data.py
+
+    FIREFOX_TELEMETRY_IP='52.88.27.118'
+
+    if grep "$FIREFOX_TELEMETRY_IP" /etc/firewall.conf; then
+        return
+    fi
+
+    iptables -A INPUT -s $FIREFOX_TELEMETRY_IP -j DROP
+    iptables -A OUTPUT -s $FIREFOX_TELEMETRY_IP -j DROP
+    save_firewall_settings
+}
+
 function firewall_block_bad_ip_ranges {
     if [ "$INSTALLING_MESH" ]; then
         return
diff --git a/src/freedombone-utils-setup b/src/freedombone-utils-setup
index 88937781e..ba2a43ef0 100755
--- a/src/freedombone-utils-setup
+++ b/src/freedombone-utils-setup
@@ -720,6 +720,9 @@ function setup_firewall {
     function_check configure_firewall
     configure_firewall
 
+    function_check block_firefox_telemetry
+    block_firefox_telemetry
+
     function_check configure_firewall_ping
     configure_firewall_ping
 
-- 
GitLab