feuerrot/gist:941700c1dbc9b516cb55

## gistfile1.txt
function is_freifunk() {
        return (net ~ 10.0.0.0/8) && (net.len >= 16);
}

function is_pi() {
        return net ~ [
                192.175.48.0/24,
                217.115.14.32/28,
                37.1.89.192/26,
                46.4.248.192/27,
                78.46.228.160/28,
                83.133.178.0/23,
                88.198.76.200/29,
                185.28.77.192/27,
                185.66.192.0/22
        ]; # based on the pi-prefixes in the monotone-database
}

function is_dn42() {
        return (net ~ 172.22.0.0/15) && (net.len >= 22);
}

function is_chaosvpn() {
        return (net ~ 172.31.0.0/16) && (net.len >= 22);
}

function defaultreject() {
        print net; # prints the rejected net to syslog
        reject;
}

filter dn42 {
        if is_pi() then accept;
        if is_dn42() then accept;
        if is_freifunk() then accept;
        if is_chaosvpn() then accept;

        # this is old, not shure if needed
        if net = 10.0.0.0/8 then reject "Net is 10/8";
        if net = 172.16.0.0/12 then reject "Net is 172.16/12";

        defaultreject();
}
	function is_freifunk() {
	return (net ~ 10.0.0.0/8) && (net.len >= 16);
	}

	function is_pi() {
	return net ~ [
	192.175.48.0/24,
	217.115.14.32/28,
	37.1.89.192/26,
	46.4.248.192/27,
	78.46.228.160/28,
	83.133.178.0/23,
	88.198.76.200/29,
	185.28.77.192/27,
	185.66.192.0/22
	]; # based on the pi-prefixes in the monotone-database
	}

	function is_dn42() {
	return (net ~ 172.22.0.0/15) && (net.len >= 22);
	}

	function is_chaosvpn() {
	return (net ~ 172.31.0.0/16) && (net.len >= 22);
	}

	function defaultreject() {
	print net; # prints the rejected net to syslog
	reject;
	}

	filter dn42 {
	if is_pi() then accept;
	if is_dn42() then accept;
	if is_freifunk() then accept;
	if is_chaosvpn() then accept;

	# this is old, not shure if needed
	if net = 10.0.0.0/8 then reject "Net is 10/8";
	if net = 172.16.0.0/12 then reject "Net is 172.16/12";

	defaultreject();
	}