From 43ffe47b77ed9f405bd2a3268856fdbe667dfac3 Mon Sep 17 00:00:00 2001 From: Andrew Morgan Date: Wed, 8 May 2019 02:24:21 -0700 Subject: [PATCH] Enable federation blacklisting by default --- docs/sample_config.yaml | 20 ++++++++++---------- synapse/config/server.py | 20 ++++++++++---------- 2 files changed, 20 insertions(+), 20 deletions(-) diff --git a/docs/sample_config.yaml b/docs/sample_config.yaml index 74b836e3ac..60ca373cbd 100644 --- a/docs/sample_config.yaml +++ b/docs/sample_config.yaml @@ -105,16 +105,16 @@ pid_file: DATADIR/homeserver.pid # blacklist IP address CIDR ranges. If this option is not specified, or # specified with an empty list, no ip range blacklist will be enforced. # -#federation_ip_range_blacklist: -# - '127.0.0.0/8' -# - '10.0.0.0/8' -# - '172.16.0.0/12' -# - '192.168.0.0/16' -# - '100.64.0.0/10' -# - '169.254.0.0/16' -# - '::1/128' -# - 'fe80::/64' -# - 'fc00::/7' +federation_ip_range_blacklist: + - '127.0.0.0/8' + - '10.0.0.0/8' + - '172.16.0.0/12' + - '192.168.0.0/16' + - '100.64.0.0/10' + - '169.254.0.0/16' + - '::1/128' + - 'fe80::/64' + - 'fc00::/7' # List of ports that Synapse should listen on, their purpose and their # configuration. diff --git a/synapse/config/server.py b/synapse/config/server.py index 1f11f0bcab..918b69a816 100644 --- a/synapse/config/server.py +++ b/synapse/config/server.py @@ -374,16 +374,16 @@ class ServerConfig(Config): # blacklist IP address CIDR ranges. If this option is not specified, or # specified with an empty list, no ip range blacklist will be enforced. # - #federation_ip_range_blacklist: - # - '127.0.0.0/8' - # - '10.0.0.0/8' - # - '172.16.0.0/12' - # - '192.168.0.0/16' - # - '100.64.0.0/10' - # - '169.254.0.0/16' - # - '::1/128' - # - 'fe80::/64' - # - 'fc00::/7' + federation_ip_range_blacklist: + - '127.0.0.0/8' + - '10.0.0.0/8' + - '172.16.0.0/12' + - '192.168.0.0/16' + - '100.64.0.0/10' + - '169.254.0.0/16' + - '::1/128' + - 'fe80::/64' + - 'fc00::/7' # List of ports that Synapse should listen on, their purpose and their # configuration.