The multicast network segment 224.0.0.0/4 is used for a lot of different services provided by the local ISP's. (IPTV etc.)
We have to allow traffic from this networks when using one of the BOGON blocklists in order to get those ISP services still accessable.
https://www.iana.org/assignments/multicast-addresses/multicast-addresses.xht...
Fixes 13092.
Signed-off-by: Stefan Schantl stefan.schantl@ipfire.org --- config/firewall/rules.pl | 1 + 1 file changed, 1 insertion(+)
diff --git a/config/firewall/rules.pl b/config/firewall/rules.pl index 6c08feb86..7edb910e2 100644 --- a/config/firewall/rules.pl +++ b/config/firewall/rules.pl @@ -55,6 +55,7 @@ my @PRIVATE_NETWORKS = ( "172.16.0.0/12", "192.168.0.0/16", "100.64.0.0/10", + "224.0.0.0/4", );
# MARK masks
Reviewed-by: Michael Tremer michael.tremer@ipfire.org
On 25 Apr 2023, at 19:40, Stefan Schantl stefan.schantl@ipfire.org wrote:
The multicast network segment 224.0.0.0/4 is used for a lot of different services provided by the local ISP's. (IPTV etc.)
We have to allow traffic from this networks when using one of the BOGON blocklists in order to get those ISP services still accessable.
https://www.iana.org/assignments/multicast-addresses/multicast-addresses.xht...
Fixes 13092.
Signed-off-by: Stefan Schantl stefan.schantl@ipfire.org
config/firewall/rules.pl | 1 + 1 file changed, 1 insertion(+)
diff --git a/config/firewall/rules.pl b/config/firewall/rules.pl index 6c08feb86..7edb910e2 100644 --- a/config/firewall/rules.pl +++ b/config/firewall/rules.pl @@ -55,6 +55,7 @@ my @PRIVATE_NETWORKS = ( "172.16.0.0/12", "192.168.0.0/16", "100.64.0.0/10",
- "224.0.0.0/4",
);
# MARK masks
2.30.2
-
Michael Tremer -
Stefan Schantl