webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-09 18:45:54 +02:00
Code Issues Packages Projects Releases Wiki Activity

firewall: Add ipblocklist related chains.

Browse Source 
Signed-off-by: Tim FitzGeorge <ipfr@tfitzgeorge.me.uk>
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
This commit is contained in:
Tim FitzGeorge
2022-04-03 13:44:44 +02:00
committed by Stefan Schantl
parent 3e0cb28fc6
commit 733267f35a
1 changed files with 8 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
src/initscripts/system/firewall
View File

@@ -180,6 +180,14 @@ iptables_init() {
iptables -A HOSTILE_DROP -m limit --limit 10/second -j LOG --log-prefix "DROP_HOSTILE "
iptables -A HOSTILE_DROP -j DROP -m comment --comment "DROP_HOSTILE"
# IP Address Blocklist chains
iptables -N BLOCKLISTIN
iptables -N BLOCKLISTOUT
iptables -A INPUT ! -p icmp -j BLOCKLISTIN
iptables -A FORWARD ! -p icmp -j BLOCKLISTIN
iptables -A FORWARD ! -p icmp -j BLOCKLISTOUT
iptables -A OUTPUT ! -p icmp -j BLOCKLISTOUT
# IPS (Guardian) chains
iptables -N GUARDIAN
iptables -A INPUT -j GUARDIAN