Revision 1525ca4c
Added by Seth Mos over 14 years ago
| etc/inc/filter.inc | ||
|---|---|---|
| 2189 | 2189 |
if(isset($config['interfaces'][$on]['blockbogons'])) {
|
| 2190 | 2190 |
if($bogontableinstalled == 0) |
| 2191 | 2191 |
$ipfrules .= "table <bogons> persist file \"/etc/bogons\"\n"; |
| 2192 |
$ipfrules .= "table <bogonsv6> persist file \"/etc/bogonsv6\"\n"; |
|
| 2192 | 2193 |
$ipfrules .= <<<EOD |
| 2193 | 2194 |
# block bogon networks |
| 2194 | 2195 |
# http://www.cymru.com/Documents/bogon-bn-nonagg.txt |
| 2195 |
block in $log quick on \${$oc['descr']} from <bogons> to any label "block bogon networks from {$oc['descr']}"
|
|
| 2196 |
# http://www.team-cymru.org/Services/Bogons/fullbogons-ipv6.txt |
|
| 2197 |
block in $log quick on \${$oc['descr']} from <bogons> to any label "block bogon IPv4 networks from {$oc['descr']}"
|
|
| 2198 |
block in $log quick on \${$oc['descr']} from <bogonsv6> to any label "block bogon IPv6 networks from {$oc['descr']}"
|
|
| 2196 | 2199 |
|
| 2197 | 2200 |
EOD; |
| 2198 | 2201 |
$bogontableinstalled++; |
Also available in: Unified diff
reference the IPv6 bogons table as well