From mboxrd@z Thu Jan  1 00:00:00 1970
From: Michael Tremer <michael.tremer@ipfire.org>
To: development@lists.ipfire.org
Subject: Re: [PATCH] firewall: Allow traffic from multicast networks
Date: Wed, 26 Apr 2023 05:47:14 +0100
Message-ID: <4EE84A19-8F5C-4959-9251-D612DEDDE795@ipfire.org>
In-Reply-To: <20230425184009.3674-1-stefan.schantl@ipfire.org>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============4449976436187685950=="
List-Id: <development.lists.ipfire.org>

--===============4449976436187685950==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

Reviewed-by: Michael Tremer <michael.tremer(a)ipfire.org>

> On 25 Apr 2023, at 19:40, Stefan Schantl <stefan.schantl(a)ipfire.org> wrot=
e:
>=20
> The multicast network segment 224.0.0.0/4 is used for a lot of
> different services provided by the local ISP's. (IPTV etc.)
>=20
> We have to allow traffic from this networks when using one of
> the BOGON blocklists in order to get those ISP services still
> accessable.
>=20
> https://www.iana.org/assignments/multicast-addresses/multicast-addresses.xh=
tml
>=20
> Fixes 13092.
>=20
> Signed-off-by: Stefan Schantl <stefan.schantl(a)ipfire.org>
> ---
> config/firewall/rules.pl | 1 +
> 1 file changed, 1 insertion(+)
>=20
> diff --git a/config/firewall/rules.pl b/config/firewall/rules.pl
> index 6c08feb86..7edb910e2 100644
> --- a/config/firewall/rules.pl
> +++ b/config/firewall/rules.pl
> @@ -55,6 +55,7 @@ my @PRIVATE_NETWORKS =3D (
> "172.16.0.0/12",
> "192.168.0.0/16",
> "100.64.0.0/10",
> + "224.0.0.0/4",
> );
>=20
> # MARK masks
> --=20
> 2.30.2
>=20


--===============4449976436187685950==--