summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorNiklas Yann Wettengel <niyawe@niyawe.de>2018-04-12 19:32:37 +0200
committerNiklas Yann Wettengel <niyawe@niyawe.de>2018-04-12 19:32:37 +0200
commit2c1d3f36ebbbddb404f225ba1be03397e424a3a5 (patch)
tree9adbaffc864726279e84f52f54a0fe47ec55e913
parentf81e146f6c98f33f76a529f26c4519ec6f74c36d (diff)
drop fastd traffic from freifunk
-rw-r--r--roles/configure_iptables/templates/ip6tables.rules1
-rw-r--r--roles/configure_iptables/templates/iptables.rules1
2 files changed, 2 insertions, 0 deletions
diff --git a/roles/configure_iptables/templates/ip6tables.rules b/roles/configure_iptables/templates/ip6tables.rules
index c0ec379..bee7c48 100644
--- a/roles/configure_iptables/templates/ip6tables.rules
+++ b/roles/configure_iptables/templates/ip6tables.rules
@@ -45,6 +45,7 @@ COMMIT
# ntp
-A INPUT -p udp -m udp --dport 123 -j ACCEPT
# fastd
+-A INPUT -s 2a03:2260:1016::/48 -p udp -m udp --dport 10010:10021 -j DROP
-A INPUT -p udp -m udp --dport 10010:10021 -j ACCEPT
# wireguard_mesh
{% for site in sites %}
diff --git a/roles/configure_iptables/templates/iptables.rules b/roles/configure_iptables/templates/iptables.rules
index a3ee47e..9a71279 100644
--- a/roles/configure_iptables/templates/iptables.rules
+++ b/roles/configure_iptables/templates/iptables.rules
@@ -47,6 +47,7 @@ COMMIT
# ntp
-A INPUT -p udp -m udp --dport 123 -j ACCEPT
# fastd
+-A INPUT -s 10.222.0.0/16 -p udp -m udp --dport 10010:10021 -j DROP
-A INPUT -p udp -m udp --dport 10010:10021 -j ACCEPT
{% endif %}
# MOSH