~mdw
/
firewall
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
classify.m4: Use canonical forms for IPv6 addresses.
[firewall]
/
classify.m4
diff --git
a/classify.m4
b/classify.m4
index
8b6a650
..
606d90d
100644
(file)
--- a/
classify.m4
+++ b/
classify.m4
@@
-245,13
+245,14
@@
done
## Fill in the black holes in the network.
for addr in \
10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 \
## Fill in the black holes in the network.
for addr in \
10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 \
- 127.0.0.0/8 192.0.2.0/24
+ 127.0.0.0/8 \
+ 192.0.2.0/24 198.51.100.0/24 203.0.113.0/24
do
run iptables -t mangle -A in-default -s $addr -g bad-source-address
done
for addr in \
fc00::/7 \
do
run iptables -t mangle -A in-default -s $addr -g bad-source-address
done
for addr in \
fc00::/7 \
- 2001:
0
db8::/32
+ 2001:db8::/32
do
run ip6tables -t mangle -A in-default -s $addr -g bad-source-address
done
do
run ip6tables -t mangle -A in-default -s $addr -g bad-source-address
done