summaryrefslogtreecommitdiffhomepage
path: root/windows
diff options
context:
space:
mode:
Diffstat (limited to 'windows')
-rw-r--r--windows/winfw/src/winfw/rules/baseline/permitlan.cpp6
1 files changed, 6 insertions, 0 deletions
diff --git a/windows/winfw/src/winfw/rules/baseline/permitlan.cpp b/windows/winfw/src/winfw/rules/baseline/permitlan.cpp
index 21f082ce78..e655020287 100644
--- a/windows/winfw/src/winfw/rules/baseline/permitlan.cpp
+++ b/windows/winfw/src/winfw/rules/baseline/permitlan.cpp
@@ -110,10 +110,16 @@ bool PermitLan::applyIpv6(IObjectInstaller &objectInstaller) const
conditionBuilder.reset();
+ const wfp::IpNetwork interfaceLocalMulticast(wfp::IpAddress::Literal6({ 0xFF01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0 }), 16);
const wfp::IpNetwork linkLocalMulticast(wfp::IpAddress::Literal6({ 0xFF02, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0 }), 16);
+ const wfp::IpNetwork realmLocalMulticast(wfp::IpAddress::Literal6({ 0xFF03, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0 }), 16);
+ const wfp::IpNetwork adminLocalMulticast(wfp::IpAddress::Literal6({ 0xFF04, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0 }), 16);
const wfp::IpNetwork siteLocalMulticast(wfp::IpAddress::Literal6({ 0xFF05, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0 }), 16);
+ conditionBuilder.add_condition(ConditionIp::Remote(interfaceLocalMulticast));
conditionBuilder.add_condition(ConditionIp::Remote(linkLocalMulticast));
+ conditionBuilder.add_condition(ConditionIp::Remote(realmLocalMulticast));
+ conditionBuilder.add_condition(ConditionIp::Remote(adminLocalMulticast));
conditionBuilder.add_condition(ConditionIp::Remote(siteLocalMulticast));
return objectInstaller.addFilter(filterBuilder, conditionBuilder);
Copyright © 2025 - 2026 Wayne Cole. WTFPL. Attribution appreciated. No warranty. Not liable for bodily damages.