8 年之前 · 38072abc54
--- a/src/freedombone-utils-firewall
+++ b/src/freedombone-utils-firewall
@@ -466,4 +466,20 @@ function firewall_unblock_domain {
 
				     fi
			
 
				 }
			
 
				 
			
 
				+function firewall_drop_spoofed_packets {
			
 
				+    if [[ $(is_completed $FUNCNAME) == "1" ]]; then
			
 
				+        return
			
 
				+    fi
			
 
				+    iptables -t mangle -A PREROUTING -s 224.0.0.0/3 -j DROP
			
 
				+    iptables -t mangle -A PREROUTING -s 169.254.0.0/16 -j DROP
			
 
				+    iptables -t mangle -A PREROUTING -s 172.16.0.0/12 -j DROP
			
 
				+    iptables -t mangle -A PREROUTING -s 192.0.2.0/24 -j DROP
			
 
				+    iptables -t mangle -A PREROUTING -s 10.0.0.0/8 -j DROP
			
 
				+    iptables -t mangle -A PREROUTING -s 240.0.0.0/5 -j DROP
			
 
				+    iptables -t mangle -A PREROUTING -s 127.0.0.0/8 ! -i lo -j DROP
			
 
				+    function_check save_firewall_settings
			
 
				+    save_firewall_settings
			
 
				+    mark_completed $FUNCNAME
			
 
				+}
			
 
				+
			
 
				 # NOTE: deliberately no exit 0
			
--- a/src/freedombone-utils-setup
+++ b/src/freedombone-utils-setup
@@ -564,6 +564,9 @@ function setup_firewall {
 
				     function_check firewall_drop_telnet
			
 
				     firewall_drop_telnet
			
 
				 
			
 
				+    function_check firewall_drop_spoofed_packets
			
 
				+    firewall_drop_spoofed_packets
			
 
				+
			
 
				     function_check configure_firewall_for_dns
			
 
				     configure_firewall_for_dns