From d9bd01d720c8f0fec2c11dc7b68fa6b97f24ee9a Mon Sep 17 00:00:00 2001
From: teastep <teastep@fbd18981-670d-0410-9b5c-8dc0c1a9a2bb>
Date: Thu, 18 Dec 2008 23:00:19 +0000
Subject: [PATCH] Allow link-level and multi-cast traffic when Shorewall6 is
 stopped

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@9123 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
---
 Shorewall-perl/Shorewall/Compiler.pm | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

diff --git a/Shorewall-perl/Shorewall/Compiler.pm b/Shorewall-perl/Shorewall/Compiler.pm
index e72de51af..9a70e3233 100644
--- a/Shorewall-perl/Shorewall/Compiler.pm
+++ b/Shorewall-perl/Shorewall/Compiler.pm
@@ -512,6 +512,23 @@ EOF
 	      );
     }
 
+    if ( $family == F_IPV6 ) {
+	emit <<'EOF';
+    #
+    # Enable link local and multi-cast
+    #
+    run_iptables -A INPUT -s ff80::/10 -j ACCEPT
+    run_iptables -A INPUT -d ff80::/10 -j ACCEPT
+    run_iptables -A INPUT -d ff00::/10 -j ACCEPT
+EOF
+
+	emit <<'EOF' unless $config{ADMINISABSENTMINDED};
+    run_iptables -A OUTPUT -d ff80::/10 -j ACCEPT
+    run_iptables -A OUTPUT -d ff00::/10 -j ACCEPT
+
+EOF
+    }
+
     process_routestopped;
 
     emit( 'do_iptables -A INPUT  -i lo -j ACCEPT',