This prevents private traffic from leaking out to the internet
SVN-Revision: 35012
PKG_NAME:=firewall
PKG_VERSION:=2
-PKG_RELEASE:=55
+PKG_RELEASE:=56
include $(INCLUDE_DIR)/package.mk
option family ipv6
option target ACCEPT
+# Block ULA-traffic from leaking out
+config rule
+ option name Enforce-ULA-Border-Src
+ option src *
+ option dest wan
+ option proto all
+ option src_ip fc00::/7
+ option family ipv6
+ option target REJECT
+
+config rule
+ option name Enforce-ULA-Border-Dest
+ option src *
+ option dest wan
+ option proto all
+ option dest_ip fc00::/7
+ option family ipv6
+ option target REJECT
+
# include a file with users custom iptables rules
config include
option path /etc/firewall.user