From: Mark Wooding <mdw@distorted.org.uk>
Date: Sun, 11 Mar 2012 16:34:38 +0000 (+0000)
Subject: local.m4: Actually use the IPv6 fragmentation forbidding filter.
X-Git-Url: https://git.distorted.org.uk/~mdw/firewall/commitdiff_plain/87bf159206865ef85e8caa5f2830b141407eb01e

local.m4: Actually use the IPv6 fragmentation forbidding filter.
---

diff --git a/local.m4 b/local.m4
index f373e3f..251cf59 100644
--- a/local.m4
+++ b/local.m4
@@ -161,7 +161,7 @@ case $forward in
     run iptables -A fwd-spec-nofrag -j RETURN --fragment
     run ip6tables -A fwd-spec-nofrag -j RETURN \
 	    -m ipv6header --soft --header frag
-    run iptables -A FORWARD -j fwd-spec-nofrag
+    run ip46tables -A FORWARD -j fwd-spec-nofrag
 
     ## Allow ping from safe/noloop to untrusted networks.
     run iptables -A fwd-spec-nofrag -j ACCEPT \