[pve-devel] pve-firewall IPv6 patch
flav at flav.com
Sat May 9 12:42:55 CEST 2015
The IPv6 protocol uses a lot for ICMP and multicast in order to allow
After different searches I've found that some more ICMPv6 types have
to be enabled.
After reading post like this :
http://www.cert.ssi.gouv.fr/site/CERTA-2006-INF-004/ (sorry in
I've found that rules like this
https://www.cert.org/downloads/IPv6/ip6tables_rules.txt or from
shorewall /usr/share/shorewall6/action.AllowICMPs makes thinks working
After reading RFC4890, I confirm all this kind of packets should not
be dropped (read section 4.3.2 and 4.3.3).
So here is a proposed patch.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 4466 bytes
Desc: not available
More information about the pve-devel