20 lines
1.0 KiB
Diff
20 lines
1.0 KiB
Diff
Origin: r962
|
|
Description: adjust ufw6-before-output rules for echo-reply and echo-request
|
|
Bug-Ubuntu: https://launchpad.net/bugs/1633698
|
|
|
|
Index: ufw-0.35/conf/before6.rules
|
|
===================================================================
|
|
--- ufw-0.35.orig/conf/before6.rules
|
|
+++ ufw-0.35/conf/before6.rules
|
|
@@ -77,8 +77,8 @@
|
|
-A ufw6-before-output -p icmpv6 --icmpv6-type time-exceeded -j ACCEPT
|
|
# codes 0-2
|
|
-A ufw6-before-output -p icmpv6 --icmpv6-type parameter-problem -j ACCEPT
|
|
--A ufw6-before-input -p icmpv6 --icmpv6-type echo-request -j ACCEPT
|
|
--A ufw6-before-input -p icmpv6 --icmpv6-type echo-reply -j ACCEPT
|
|
+-A ufw6-before-output -p icmpv6 --icmpv6-type echo-request -j ACCEPT
|
|
+-A ufw6-before-output -p icmpv6 --icmpv6-type echo-reply -j ACCEPT
|
|
-A ufw6-before-output -p icmpv6 --icmpv6-type router-solicitation -m hl --hl-eq 255 -j ACCEPT
|
|
-A ufw6-before-output -p icmpv6 --icmpv6-type neighbor-advertisement -m hl --hl-eq 255 -j ACCEPT
|
|
-A ufw6-before-output -p icmpv6 --icmpv6-type neighbor-solicitation -m hl --hl-eq 255 -j ACCEPT
|