[OpenWrt-Devel] firewall instead of routing rules to keep ULAs from escaping
Steven Barth
cyrus at openwrt.org
Tue Jun 16 11:05:36 EDT 2015
You should see an unreachable route for your own local ULA /48.
Also if your clients try to use your local ULA as source to reach
anything outside of the ULA (e.g. global addresses) this is blocked
(there is no matching route - simpler explanation to my previous post).
I don't see any particular point to blocking all of the ULA-space as
destination though.
If you think its useful for you you can either add a firewall route or
an unreachable route manually in /etc/config/firewall or
/etc/config/network respectively.
Cheers,
Steven
_______________________________________________
openwrt-devel mailing list
openwrt-devel at lists.openwrt.org
https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
More information about the openwrt-devel
mailing list