holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

Allow link-level and multi-cast traffic when Shorewall6 is stopped

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@9123 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2008-12-18 23:00:19 +00:00
parent afdcba0da7
commit d9bd01d720
1 changed files with 17 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
Shorewall-perl/Shorewall/Compiler.pm
View File

@ -512,6 +512,23 @@ EOF
);
}
if ( $family == F_IPV6 ) {
emit <<'EOF';
#
# Enable link local and multi-cast
#
run_iptables -A INPUT -s ff80::/10 -j ACCEPT
run_iptables -A INPUT -d ff80::/10 -j ACCEPT
run_iptables -A INPUT -d ff00::/10 -j ACCEPT
EOF
emit <<'EOF' unless $config{ADMINISABSENTMINDED};
run_iptables -A OUTPUT -d ff80::/10 -j ACCEPT
run_iptables -A OUTPUT -d ff00::/10 -j ACCEPT
EOF
}
process_routestopped;
emit( 'do_iptables -A INPUT -i lo -j ACCEPT',