Generate rules
-
Hi!
Please, add point to line 2422 in /etc/inc/filter.inc... case "dhcp6": $ipfrules .= << <eod<br># allow our DHCPv6 client out to the {$oc['descr']} ...</eod<br>otherwise generate bad rules and a high risk to security.
-
Good catch, fix pushed out.
https://github.com/bsdperimeter/pfsense/commit/7d3eeb8c2e88593aeec5a70f6aafc0a974663bed -
Please add braces for block in the line number 2334 file /etc/inc/filter.inc. Otherwise, table <bogonsv6>is loaded multiple times if 2 or more interfaces have been the allowed blocking bogons.
... if($bogontableinstalled == 0) { $ipfrules .= "table <bogons>persist file \"/etc/bogons\"\n"; $ipfrules .= "table <bogonsv6>persist file \"/etc/bogonsv6\"\n; } $ipfrules .= <<<eod<br>...</eod<br></bogonsv6></bogons> ```</bogonsv6> -
My installation was also having errors with bogons(v6).
By following Michael Sh.'s suggestions I edited the filter.inc file as follows:if($bogontableinstalled == 0) { $ipfrules .= "table <bogons> persist file \"/etc/bogons\"\n"; $ipfrules .= "table <bogonsv6> persist file \"/etc/bogonsv6\"\n"; }</bogonsv6></bogons>The above code works fine for me. I had to add "; to the end of line 2337.```
$ipfrules .= "table <bogonsv6>persist file "/etc/bogonsv6"\n</bogonsv6> -
Fixed:
https://github.com/bsdperimeter/pfsense/commit/b8f855afda86e1bc46eb3fefff6885a9235d89e4 -
The above code works fine for me. I had to add "; to the end of line 2337.```
$ipfrules .= "table <bogonsv6>persist file "/etc/bogonsv6"\n</bogonsv6>I'm sorry, ";" was eaten by copy-paste.
