Difuse/packages
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

banip: DHCPv6 bugfix

Browse source 
* ignore local DHCPv6 related and local icmpv6 traffic in banIP chain

Signed-off-by: Dirk Brenken <dev@brenken.org>
This commit is contained in:
Dirk Brenken 2020-12-30 16:13:58 +01:00
parent 48c60bf2a6
commit 33ed1eff57
No known key found for this signature in database
GPG key ID: 9D71CD547BFAE684
2 changed files with 9 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
net/banip/Makefile
View file

@ -6,8 +6,8 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=banip
PKG_VERSION:=0.3.12
PKG_RELEASE:=3
PKG_VERSION:=0.3.13
PKG_RELEASE:=1
PKG_LICENSE:=GPL-3.0-or-later
PKG_MAINTAINER:=Dirk Brenken <dev@brenken.org>

10
net/banip/files/banip.sh
View file

@ -13,7 +13,7 @@
#
LC_ALL=C
PATH="/usr/sbin:/usr/bin:/sbin:/bin"
ban_ver="0.3.12"
ban_ver="0.3.13"
ban_basever=""
ban_enabled=0
ban_automatic="1"
@ -410,8 +410,10 @@ f_iptadd()
f_iptrule "-I" "${wan_forward} -j ${ban_chain}"
if [ "${src_name##*_}" != "6" ]
then
# special IPv4 rules
f_iptrule "-A" "${ban_chain} -p udp --dport 67:68 --sport 67:68 -j RETURN"
else
f_iptrule "-A" "${ban_chain} -p udp -s fc00::/6 --sport 547 -d fc00::/6 --dport 546 -j RETURN"
f_iptrule "-A" "${ban_chain} -p ipv6-icmp -s fe80::/10 -d fe80::/10 -j RETURN"
fi
for dev in ${ban_dev}
do
@ -424,8 +426,10 @@ f_iptadd()
f_iptrule "-I" "${lan_forward} -j ${ban_chain}"
if [ "${src_name##*_}" != "6" ]
then
# special IPv4 rules
f_iptrule "-A" "${ban_chain} -p udp --dport 67:68 --sport 67:68 -j RETURN"
else
f_iptrule "-A" "${ban_chain} -p udp -s fc00::/6 --sport 547 -d fc00::/6 --dport 546 -j RETURN"
f_iptrule "-A" "${ban_chain} -p ipv6-icmp -s fe80::/10 -d fe80::/10 -j RETURN"
fi
for dev in ${ban_dev}
do