mirror of
https://github.com/netblue30/firejail.git
synced 2026-05-15 06:06:02 -06:00
added link-local addresses to 'nolocal' firewall configs (#7054)
This commit is contained in:
netblue30
parent
6f8cc61d00
commit
46134f6972
2 changed files with 2 additions and 0 deletions
|
|
@ -30,6 +30,7 @@
|
|||
-A OUTPUT -d 192.168.0.0/16 -j DROP
|
||||
-A OUTPUT -d 10.0.0.0/8 -j DROP
|
||||
-A OUTPUT -d 172.16.0.0/12 -j DROP
|
||||
-A OUTPUT -d 169.254.0.0/16 -j DROP
|
||||
|
||||
# drop multicast traffic
|
||||
-A OUTPUT -d 224.0.0.0/4 -j DROP
|
||||
|
|
|
|||
|
|
@ -33,6 +33,7 @@
|
|||
|
||||
# drop all local network traffic
|
||||
-A OUTPUT -d FC00::/7 -j DROP
|
||||
-A OUTPUT -d fe80::/10 -j DROP
|
||||
|
||||
# drop multicast traffic
|
||||
# required for ipv6
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue