~mdw / firewall / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
local.m4: Actually use the IPv6 fragmentation forbidding filter.
[firewall] / local.m4
diff --git a/local.m4 b/local.m4
index f373e3f..251cf59 100644 (file)
--- a/local.m4
+++ b/local.m4
@@ -161,7 +161,7 @@ case $forward in
     run iptables -A fwd-spec-nofrag -j RETURN --fragment
     run ip6tables -A fwd-spec-nofrag -j RETURN \
            -m ipv6header --soft --header frag
-    run iptables -A FORWARD -j fwd-spec-nofrag
+    run ip46tables -A FORWARD -j fwd-spec-nofrag
 
     ## Allow ping from safe/noloop to untrusted networks.
     run iptables -A fwd-spec-nofrag -j ACCEPT \
Firewall scripts for distorted.org.uk.