[PATCH] firewall: Allow traffic from multicast networks

public inbox for development@lists.ipfire.org
 help / color / mirror / Atom feed

* [PATCH] firewall: Allow traffic from multicast networks
@ 2023-04-25 18:40 Stefan Schantl
  2023-04-26  4:47 ` Michael Tremer
  0 siblings, 1 reply; 2+ messages in thread
From: Stefan Schantl @ 2023-04-25 18:40 UTC (permalink / raw)
  To: development

[-- Attachment #1: Type: text/plain, Size: 795 bytes --]

The multicast network segment 224.0.0.0/4 is used for a lot of
different services provided by the local ISP's. (IPTV etc.)

We have to allow traffic from this networks when using one of
the BOGON blocklists in order to get those ISP services still
accessable.

https://www.iana.org/assignments/multicast-addresses/multicast-addresses.xhtml

Fixes 13092.

Signed-off-by: Stefan Schantl <stefan.schantl(a)ipfire.org>
---
 config/firewall/rules.pl | 1 +
 1 file changed, 1 insertion(+)

diff --git a/config/firewall/rules.pl b/config/firewall/rules.pl
index 6c08feb86..7edb910e2 100644
--- a/config/firewall/rules.pl
+++ b/config/firewall/rules.pl
@@ -55,6 +55,7 @@ my @PRIVATE_NETWORKS = (
 	"172.16.0.0/12",
 	"192.168.0.0/16",
 	"100.64.0.0/10",
+	"224.0.0.0/4",
 );
 
 # MARK masks
-- 
2.30.2


^ permalink raw reply	[flat|nested] 2+ messages in thread

* Re: [PATCH] firewall: Allow traffic from multicast networks
  2023-04-25 18:40 [PATCH] firewall: Allow traffic from multicast networks Stefan Schantl
@ 2023-04-26  4:47 ` Michael Tremer
  0 siblings, 0 replies; 2+ messages in thread
From: Michael Tremer @ 2023-04-26  4:47 UTC (permalink / raw)
  To: development

[-- Attachment #1: Type: text/plain, Size: 1025 bytes --]

Reviewed-by: Michael Tremer <michael.tremer(a)ipfire.org>

> On 25 Apr 2023, at 19:40, Stefan Schantl <stefan.schantl(a)ipfire.org> wrote:
> 
> The multicast network segment 224.0.0.0/4 is used for a lot of
> different services provided by the local ISP's. (IPTV etc.)
> 
> We have to allow traffic from this networks when using one of
> the BOGON blocklists in order to get those ISP services still
> accessable.
> 
> https://www.iana.org/assignments/multicast-addresses/multicast-addresses.xhtml
> 
> Fixes 13092.
> 
> Signed-off-by: Stefan Schantl <stefan.schantl(a)ipfire.org>
> ---
> config/firewall/rules.pl | 1 +
> 1 file changed, 1 insertion(+)
> 
> diff --git a/config/firewall/rules.pl b/config/firewall/rules.pl
> index 6c08feb86..7edb910e2 100644
> --- a/config/firewall/rules.pl
> +++ b/config/firewall/rules.pl
> @@ -55,6 +55,7 @@ my @PRIVATE_NETWORKS = (
> "172.16.0.0/12",
> "192.168.0.0/16",
> "100.64.0.0/10",
> + "224.0.0.0/4",
> );
> 
> # MARK masks
> -- 
> 2.30.2
> 


^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2023-04-26  4:47 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2023-04-25 18:40 [PATCH] firewall: Allow traffic from multicast networks Stefan Schantl
2023-04-26  4:47 ` Michael Tremer

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox