Révision 66b1a7a9
Allow ICMPv6 Router Advertisment packets
| files/config/puppet-inet-filter.nft | ||
|---|---|---|
| 7 | 7 |
ct state invalid drop |
| 8 | 8 |
|
| 9 | 9 |
ip protocol icmp icmp type { destination-unreachable, time-exceeded, parameter-problem } accept
|
| 10 |
ip6 nexthdr ipv6-icmp icmpv6 type { destination-unreachable, packet-too-big, time-exceeded, parameter-problem, mld-listener-query, mld-listener-report, mld-listener-done, nd-neighbor-solicit, nd-neighbor-advert, ind-neighbor-solicit, ind-neighbor-advert, mld2-listener-report } accept
|
|
| 10 |
ip6 nexthdr ipv6-icmp icmpv6 type { destination-unreachable, packet-too-big, time-exceeded, parameter-problem, mld-listener-query, mld-listener-report, mld-listener-done, nd-router-advert, nd-neighbor-solicit, nd-neighbor-advert, ind-neighbor-solicit, ind-neighbor-advert, mld2-listener-report } accept
|
|
| 11 | 11 |
ip protocol icmp icmp type echo-request limit rate 4/second accept |
| 12 | 12 |
ip6 nexthdr ipv6-icmp icmpv6 type echo-request limit rate 4/second accept |
| 13 | 13 |
} |
Formats disponibles : Unified diff