Slackware/bootstrap
1
0
Fork 0
Code Releases Wiki Activity

Add extra icmp6 notifications to firewall.

Browse source
This commit is contained in:
Darren 'Tadgy' Austin 2021-02-14 20:51:01 +00:00
commit 7cd1a731e5
3 changed files with 13 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

2
sample-rc.d/rc.firewall-hosts
View file

@ -67,6 +67,8 @@ ip6tables -A INPUT -i "$EX_IF" -p icmpv6 --icmpv6-type time-exceeded -j ACCEPT
iptables -A INPUT -i "$EX_IF" -p icmp --icmp-type parameter-problem -j ACCEPT
ip6tables -A INPUT -i "$EX_IF" -p icmpv6 --icmpv6-type parameter-problem -j ACCEPT
ip6tables -A INPUT -i "$EX_IF" -p icmpv6 --icmpv6-type packet-too-big -j ACCEPT
#ip6tables -A INPUT -i "$EX_IF" -p icmpv6 --icmpv6-type neighbour-solicitation -j ACCEPT
#ip6tables -A INPUT -i "$EX_IF" -p icmpv6 --icmpv6-type neighbour-advertisement -j ACCEPT
# Always allow SSH.
# Note: We never want to be locked out of the system, so also accept on the standard ssh port, just in case things accidently get