[strongSwan] Avoid leakage of packets addressed to/from private IP space
Vitaly Repin
vitaly_repin at fsfe.org
Mon Sep 7 21:30:41 CEST 2015
Hello,
2015-09-07 17:54 GMT+03:00 Vitaly Repin <vitaly_repin at fsfe.org>:
>
> Something like this (but of course with ipsets) :
>
> iptables -A FORWARD -d 10.0.0.0/8 -j LOG --log-level info
> --log-prefix "IPTABLES-BLKO"
> iptables -A FORWARD -d 10.0.0.0/8 -j DROP
>
> ?
>
> Have not had opportunity to test this idea yet.
Tested. :-) Sorry for the stupid idea.
--
WBR & WBW, Vitaly
More information about the Users
mailing list