nchevsky/systemrescue-zfs
1
0
Fork 0
mirror of https://github.com/nchevsky/systemrescue-zfs.git synced 2026-03-01 18:53:48 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge branch 'master' into 'master'

Browse source 
Allow all types of ICMP packets in ip6tables rules (#105)

See merge request fdupoux/sysresccd-src!46
This commit is contained in:
Francois Dupoux 2020-04-28 07:25:47 +00:00
parent f586e13e36 cb5fa2147d
commit 8ea6ff2872
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
airootfs/etc/iptables/ip6tables.rules
View file

@ -5,7 +5,7 @@
-N LOGDROP
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p ipv6-icmp -m icmp6 --icmpv6-type 128 -m conntrack --ctstate NEW -j ACCEPT
-A INPUT -p ipv6-icmp -j ACCEPT
-A INPUT -j LOGDROP
-A LOGDROP -m limit --limit 10/sec -j LOG --log-prefix "iptables-dropped: "
-A LOGDROP -j DROP