How to , and other stuff about linux, photo, php … Another blog just like others on internet

April 21, 2020

BFD – r-fx network ignore cdir

Filed under: Linux — Tags: , , , , — admin @ 12:46 pm

I personally like the r-fx project with apf / bfd firewall . I am using from long time and is great. One of the feature that is missing is that you can not exclude cdir format from bfd. My workarround was to install the grepcidr package and then on line 137 of /usr/local/bfd/bfd to modify it from

CHKHOST_IGNORE=`cat $file | grep -v “#” | grep -w $ATTACK_HOS`

into

CHKHOST_IGNORE=`/usr/bin/grepcidr -f $file <(echo $ATTACK_HOST)`

After this you can add x.x.x.x/y format

Powered by WordPress