Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Block private & bogon networks on OPT1

    Firewalling
    2
    2
    1.8k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R
      rigius
      last edited by

      Hi,

      Would putting <blockpriv>and <blockbogons>on the interfaces section of /cf/conf/config.xml like this:

      		 <opt1><descr>WAN2</descr>
			<if>rl1</if>
			 <bridge><ipaddr>dhcp</ipaddr>
			 <spoofmac><blockpriv><blockbogons><mtu>1492</mtu>
			 <disableftpproxy><dhcphostname></dhcphostname></disableftpproxy></blockbogons></blockpriv></spoofmac></bridge></opt1>

      and rebooting do the trick of blocking private IPs and bogons on OPT1 even if the graphical interface is not updated (neither the "interfaces" nor the firewall "rules" page)?

      Regards,

      Rigius</blockbogons></blockpriv>

      1 Reply Last reply Reply Quote 0
      • T
        Takaratiki
        last edited by

        Something that seems to work for me is creating an alias of RFC 1918 addresses and blocking that on OPT1 for WAN purposes.

        1 Reply Last reply Reply Quote 0
        • First post
          Last post