On second thought, lets use pipe symbol instead of colon, so we maintain ipv6 compatibility
parent
67a3a6c95c
commit
8c61205744
|
@ -9,6 +9,10 @@
|
||||||
- New block file format, much more capable now, thanks to
|
- New block file format, much more capable now, thanks to
|
||||||
an hour or two of improving my bash scripting skills to the
|
an hour or two of improving my bash scripting skills to the
|
||||||
point where I can do more complex breakdowns of formats
|
point where I can do more complex breakdowns of formats
|
||||||
|
- Rename blocked to ipv4-blocked since we're going to have
|
||||||
|
ipv6 support
|
||||||
|
- ipv6 blocking support. Different format for config file
|
||||||
|
because IPv6 uses :, which means we get to use |
|
||||||
|
|
||||||
0.9.7 - Brielle Bruns <bruns@2mbit.com>
|
0.9.7 - Brielle Bruns <bruns@2mbit.com>
|
||||||
- Support for marking packets, uses new config file and
|
- Support for marking packets, uses new config file and
|
||||||
|
|
|
@ -139,8 +139,8 @@ if [ $BLOCKEDIP ]; then
|
||||||
display_c YELLOW "Adding blocked IPs... "
|
display_c YELLOW "Adding blocked IPs... "
|
||||||
for i in `grep -v "\#" $BLOCKEDIP`; do
|
for i in `grep -v "\#" $BLOCKEDIP`; do
|
||||||
#echo -n "$i "
|
#echo -n "$i "
|
||||||
if [[ "$i" =~ ":" ]]; then
|
if [[ "$i" =~ "|" ]]; then
|
||||||
IFS_OLD=${IFS};IFS=:
|
IFS_OLD=${IFS};IFS=\|
|
||||||
ADVBLKIP=($i)
|
ADVBLKIP=($i)
|
||||||
IFS=${IFS_OLD}
|
IFS=${IFS_OLD}
|
||||||
SRCIF=${ADVBLKIP[0]}
|
SRCIF=${ADVBLKIP[0]}
|
||||||
|
|
|
@ -2,11 +2,11 @@
|
||||||
# Two formats:
|
# Two formats:
|
||||||
# 1) One IP or range per line
|
# 1) One IP or range per line
|
||||||
# 2) One ip or range per line with added specific IN/OUT/FWD and TCP/UDP port (added in 0.9.8)
|
# 2) One ip or range per line with added specific IN/OUT/FWD and TCP/UDP port (added in 0.9.8)
|
||||||
# <SRC IF>:<SRC IP>:<SRC PORT RNG>:<DST IF>:<DST IP>:<DST PORT RNG>:<IN/OUT/FWD>:<PROTO>
|
# <SRC IF>|<SRC IP>|<SRC PORT RNG>|<DST IF>|<DST IP>|<DST PORT RNG>|<IN/OUT/FWD>|<PROTO>
|
||||||
# One can leave out <SRC IF> <SRC IP> <SRC PORT RNG> <DST IF> <DST IP> <DST PORT RNG>
|
# One can leave out <SRC IF> <SRC IP> <SRC PORT RNG> <DST IF> <DST IP> <DST PORT RNG>
|
||||||
# if you want to apply to all ports/interfaces/etc
|
# if you want to apply to all ports/interfaces/etc
|
||||||
# Example:
|
# Example:
|
||||||
# - Block SRC of eth1 192.168.0.5:80 from contacting DST eth0 192.168.1.10:20 through 21, TCP
|
# - Block SRC of eth1 192.168.0.5:80 from contacting DST eth0 192.168.1.10:20 through 21, TCP
|
||||||
# eth1:192.168.0.5:80:eth0:192.168.1.10:20-21:IN:TCP
|
# eth1|192.168.0.5|80|eth0|192.168.1.10|20-21|IN|TCP
|
||||||
# Useful ones that I use at home are:
|
# Useful ones that I use at home are|
|
||||||
#::6881-6999:::OUT:TCP
|
#||6881-6999|||OUT|TCP
|
||||||
|
|
Loading…
Reference in New Issue