~mdw
/
firewall
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Extend proper ICMP handling to IPv6.
[firewall]
/
local.m4
diff --git
a/local.m4
b/local.m4
index
d91b171
..
f373e3f
100644
(file)
--- a/
local.m4
+++ b/
local.m4
@@
-172,10
+172,10
@@
case $forward in
-m mark --mark $from_untrusted/$MASK_FROM \
-m state --state ESTABLISHED
run ip6tables -A fwd-spec-nofrag -j ACCEPT \
-m mark --mark $from_untrusted/$MASK_FROM \
-m state --state ESTABLISHED
run ip6tables -A fwd-spec-nofrag -j ACCEPT \
- -p i
pv6-icmp
--icmpv6-type echo-request \
+ -p i
cmpv6
--icmpv6-type echo-request \
-m mark --mark $to_untrusted/$MASK_TO
run ip6tables -A fwd-spec-nofrag -j ACCEPT \
-m mark --mark $to_untrusted/$MASK_TO
run ip6tables -A fwd-spec-nofrag -j ACCEPT \
- -p i
pv6-icmp
--icmpv6-type echo-reply \
+ -p i
cmpv6
--icmpv6-type echo-reply \
-m mark --mark $from_untrusted/$MASK_FROM \
-m state --state ESTABLISHED
-m mark --mark $from_untrusted/$MASK_FROM \
-m state --state ESTABLISHED