lucaspalomodevelop/core
1
0
Fork 0
mirror of https://github.com/lucaspalomodevelop/core.git synced 2026-03-15 09:04:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

rework reply-to tag, disablereplyto at wrong location + missing in bogons

Browse Source
This commit is contained in:
Ad Schellevis 2017-05-31 18:34:30 +02:00
parent 9f31b9d523
commit b296b95614
1 changed files with 13 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
src/etc/inc/filter.lib.inc
View File

@ -31,9 +31,16 @@ function filter_core_bootstrap($fw)
global $config;
// set defaults
$filter_rule_defaults = array();
$filter_rule_defaults['pass'] = array("type" => "pass", "log" => !isset($config['syslog']['nologdefaultpass']));
$filter_rule_defaults['block'] = array("type" => "block", "log" => !isset($config['syslog']['nologdefaultblock']));
$filter_rule_defaults['disablereplyto'] = 1 ; // don't generate "reply-to" tags on internal rules by default
$filter_rule_defaults['pass'] = array(
"type" => "pass",
"log" => !isset($config['syslog']['nologdefaultpass']),
"disablereplyto" => 1 // don't generate "reply-to" tags on internal rules by default
);
$filter_rule_defaults['block'] = array(
"type" => "block",
"log" => !isset($config['syslog']['nologdefaultblock']),
"disablereplyto" => 1 // don't generate "reply-to" tags on internal rules by default
);
// setup system filter rules
filter_core_rules_system($fw, $filter_rule_defaults);
@ -145,9 +152,10 @@ function filter_core_rules_system($fw, $defaults)
$fw->registerFilterRule(1,array('from' => '<virusprot>', 'label' => 'virusprot overload table'),$defaults['block']);
// block bogons and private nets
$bogontmpl = array('type' => 'block', 'log' => !isset($config['syslog']['nologbogons']));
$bogontmpl = array('type' => 'block', 'log' => !isset($config['syslog']['nologbogons']), 'disablereplyto' => 1);
$privtmpl = array('type' => 'block', 'log' => !isset($config['syslog']['nologprivatenets']),
'from' => '10.0.0.0/8,127.0.0.0/8,100.64.0.0/10,172.16.0.0/12,192.168.0.0/16,fc00::/7');
'from' => '10.0.0.0/8,127.0.0.0/8,100.64.0.0/10,172.16.0.0/12,192.168.0.0/16,fc00::/7',
'disablereplyto' => 1);
foreach ($fw->getInterfaceMapping() as $intf => $intfinfo) {
$fw->registerFilterRule(5,
array('from' => "<bogons>", 'direction' => 'in', 'interface' => $intf,