Skip to content

Commit

Permalink
Reject packets to private IP ranges instead of dropping them. (#7246)
Browse files Browse the repository at this point in the history
  • Loading branch information
@vadimberezniker
vadimberezniker committed Aug 14, 2024
1 parent 211d3a5 commit 535fc19
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion server/util/networking/networking.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -704,7 +704,7 @@ func routingTableContainsTable(tableEntry string) (bool, error) {

func ConfigurePrivateRangeBlackholing(ctx context.Context, sourceRange string) error {
for _, r := range PrivateIPRanges {
if err := runCommand(ctx, "iptables", "--wait", "-I", "FORWARD", "-s", sourceRange, "-d", r, "-j", "DROP"); err != nil {
if err := runCommand(ctx, "iptables", "--wait", "-I", "FORWARD", "-s", sourceRange, "-d", r, "-j", "REJECT"); err != nil {
return err
}
}
Expand Down

0 comments on commit 535fc19

Please sign in to comment.