Drop spoofed packets

src/freedombone-utils-firewall

     fi
 }
 
+function firewall_drop_spoofed_packets {
+    if [[ $(is_completed $FUNCNAME) == "1" ]]; then
+        return
+    fi
+    iptables -t mangle -A PREROUTING -s 224.0.0.0/3 -j DROP
+    iptables -t mangle -A PREROUTING -s 169.254.0.0/16 -j DROP
+    iptables -t mangle -A PREROUTING -s 172.16.0.0/12 -j DROP
+    iptables -t mangle -A PREROUTING -s 192.0.2.0/24 -j DROP
+    iptables -t mangle -A PREROUTING -s 10.0.0.0/8 -j DROP
+    iptables -t mangle -A PREROUTING -s 240.0.0.0/5 -j DROP
+    iptables -t mangle -A PREROUTING -s 127.0.0.0/8 ! -i lo -j DROP
+    function_check save_firewall_settings
+    save_firewall_settings
+    mark_completed $FUNCNAME
+}
+
 # NOTE: deliberately no exit 0

src/freedombone-utils-setup

     function_check firewall_drop_telnet
     firewall_drop_telnet
 
+    function_check firewall_drop_spoofed_packets
+    firewall_drop_spoofed_packets
+
     function_check configure_firewall_for_dns
     configure_firewall_for_dns