Open giannidaprile opened 7 years ago
thanks!
Well, this what the lists included in firehol_level2 do. I don't filter anything...
Let's see who added it:
# iprange --header bogons.netset --compare-next blocklist_de.ipset dshield_1d.netset greensnow.ipset openbl_1d.ipset virbl.ipset | grep -v ",0$"name1,name2,entries1,entries2,ips1,ips2,combined_ips,common_ips
bogons.netset,greensnow.ipset,13,1353,592708608,1353,592709960,1
It is greensnow
.
keep in mind that firehol_level2 is to be used exclusively on the internet facing interface. If you apply it right, you should want private IPs to be filtered out (you should have filtered them already).
If however you need to remove private IPs from firehol_level2, I suggest to run this command:
iprange firehol_level2.netset --except bogons.netset
I am sorry, but I cannot fix that myself. The rule I follow is very simple: never alter what the list maintainers do.
192.168.1.30 should not be present/allowed in firehol_level2. Issue was seen on 12/29/2016.