Reviewed-by: Michael Tremer michael.tremer@ipfire.org
On 14 Feb 2022, at 18:42, Stefan Schantl stefan.schantl@ipfire.org wrote:
Signed-off-by: Stefan Schantl stefan.schantl@ipfire.org
config/firewall/rules.pl | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/config/firewall/rules.pl b/config/firewall/rules.pl index 5b1153b08..e009c1838 100644 --- a/config/firewall/rules.pl +++ b/config/firewall/rules.pl @@ -671,7 +671,11 @@ sub locationblock { # is enabled. foreach my $location (@locations) { if(exists $locationsettings{$location} && $locationsettings{$location} eq "on") {
run("$IPTABLES -A LOCATIONBLOCK -m geoip --src-cc $location -j DROP");
# Call function to load the networks list for this country.
&ipset_restore($location);
# Call iptables and create rule to use the loaded ipset list.
} }run("$IPTABLES -A LOCATIONBLOCK -m set --match-set CC_$location src -j DROP");
}
2.30.2