diff --git a/src/opnsense/scripts/filter/update_bogons.sh b/src/opnsense/scripts/filter/update_bogons.sh index fe8c3daa2..6b6987eec 100755 --- a/src/opnsense/scripts/filter/update_bogons.sh +++ b/src/opnsense/scripts/filter/update_bogons.sh @@ -56,9 +56,8 @@ ENTRIES_TOT=`pfctl -vvsTables | awk '/Addresses/ {s+=$2}; END {print s}'` ENTRIES_V4=`pfctl -vvsTables | awk '/-\tbogons$/ {getline; print $2}'` LINES_V4=`wc -l ${WORKDIR}/fullbogons-ipv4.txt | awk '{ print $1 }'` if [ $ENTRIES_MAX -gt $((2*ENTRIES_TOT-${ENTRIES_V4:-0}+LINES_V4)) ]; then - # These bogons are removed as they are private. I'm not going - # to question this now, adding a big WARNING instead. Here be - # dragons... + # private and pseudo-private networks will be excluded + # as they are being operated by a separate GUI option egrep -v "^100.64.0.0/10|^192.168.0.0/16|^172.16.0.0/12|^10.0.0.0/8" ${WORKDIR}/fullbogons-ipv4.txt > ${DESTDIR}/bogons RESULT=`/sbin/pfctl -t bogons -T replace -f ${DESTDIR}/bogons 2>&1` echo "$RESULT" | awk '{ print "Bogons V4 file downloaded: " $0 }' | logger diff --git a/src/www/interfaces.php b/src/www/interfaces.php index fed3680b2..7b6ddd663 100644 --- a/src/www/interfaces.php +++ b/src/www/interfaces.php @@ -1838,8 +1838,8 @@ include("head.inc");