~mdw / firewall / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
classify.m4: Use canonical forms for IPv6 addresses.
[firewall] / classify.m4
diff --git a/classify.m4 b/classify.m4
index 8b6a650..606d90d 100644 (file)
--- a/classify.m4
+++ b/classify.m4
@@ -245,13 +245,14 @@ done
 ## Fill in the black holes in the network.
 for addr in \
        10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 \
-       127.0.0.0/8 192.0.2.0/24
+       127.0.0.0/8 \
+       192.0.2.0/24 198.51.100.0/24 203.0.113.0/24
 do
   run iptables -t mangle -A in-default -s $addr -g bad-source-address
 done
 for addr in \
        fc00::/7 \
-       2001:0db8::/32
+       2001:db8::/32
 do
   run ip6tables -t mangle -A in-default -s $addr -g bad-source-address
 done
Firewall scripts for distorted.org.uk.