nin: allow icmp6
This commit is contained in:
parent
6ed58852c0
commit
59940cb436
@ -158,6 +158,7 @@ with import <stockholm/lib>;
|
|||||||
filter.INPUT.rules = [
|
filter.INPUT.rules = [
|
||||||
{ predicate = "-m conntrack --ctstate RELATED,ESTABLISHED"; target = "ACCEPT"; precedence = 10001; }
|
{ predicate = "-m conntrack --ctstate RELATED,ESTABLISHED"; target = "ACCEPT"; precedence = 10001; }
|
||||||
{ predicate = "-p icmp"; target = "ACCEPT"; precedence = 10000; }
|
{ predicate = "-p icmp"; target = "ACCEPT"; precedence = 10000; }
|
||||||
|
{ predicate = "-p ipv6-icmp"; target = "ACCEPT"; v4 = false; precedence = 10000; }
|
||||||
{ predicate = "-i lo"; target = "ACCEPT"; precedence = 9999; }
|
{ predicate = "-i lo"; target = "ACCEPT"; precedence = 9999; }
|
||||||
{ predicate = "-p tcp --dport 22"; target = "ACCEPT"; precedence = 9998; }
|
{ predicate = "-p tcp --dport 22"; target = "ACCEPT"; precedence = 9998; }
|
||||||
{ predicate = "-p tcp -i retiolum"; target = "REJECT --reject-with tcp-reset"; precedence = -10000; }
|
{ predicate = "-p tcp -i retiolum"; target = "REJECT --reject-with tcp-reset"; precedence = -10000; }
|
||||||
|
Loading…
Reference in New Issue
Block a user