~mdw
/
firewall
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
local.m4: Allow IPv6 ping separately.
[firewall]
/
local.m4
diff --git
a/local.m4
b/local.m4
index
7e7ad15
..
aeda659
100644
(file)
--- a/
local.m4
+++ b/
local.m4
@@
-190,7
+190,7
@@
defhost groove
defhost gibson
hosttype client
defhost gibson
hosttype client
- iface eth0 unsafe
+ iface eth0
.5
unsafe
## Colocated networks.
defnet jump trusted
## Colocated networks.
defnet jump trusted
@@
-225,8
+225,6
@@
defhost telecaster
defhost stratocaster
iface eth0 jump colo
iface eth1 jump colo
defhost stratocaster
iface eth0 jump colo
iface eth1 jump colo
-defhost jaguar
- iface eth0 jump
defhost jazz
hosttype router
iface eth0 jump colo vpn
defhost jazz
hosttype router
iface eth0 jump colo vpn
@@
-362,7
+360,8
@@
run iptables -A inbound -j ACCEPT \
-p udp --source-port $port_bootpc --destination-port $port_bootps
## Allow incoming ping. This is the only ICMP left.
-p udp --source-port $port_bootpc --destination-port $port_bootps
## Allow incoming ping. This is the only ICMP left.
-run ip46tables -A inbound -j ACCEPT -p icmp
+run iptables -A inbound -j ACCEPT -p icmp
+run ip6tables -A inbound -j ACCEPT -p icmpv6
m4_divert(88)m4_dnl
## Allow unusual things.
m4_divert(88)m4_dnl
## Allow unusual things.