[pve-devel] [PATCH v2 firewall 2/2] Add router-solicitation to NeighborDiscovery macro
Wolfgang Bumiller
w.bumiller at proxmox.com
Fri Feb 19 09:43:33 CET 2016
to be more consistent with the host-wide NDP option.
This macro is now mostly useful to disable NDP on VMs.
---
src/PVE/Firewall.pm | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/PVE/Firewall.pm b/src/PVE/Firewall.pm
index 25f1cc9..c556be4 100644
--- a/src/PVE/Firewall.pm
+++ b/src/PVE/Firewall.pm
@@ -138,6 +138,7 @@ my $pve_ipv6fw_macros = {
],
'NeighborDiscovery' => [
"IPv6 neighbor solicitation, neighbor and router advertisement",
+ { action => 'PARAM', proto => 'icmpv6', dport => 'router-solicitation' },
{ action => 'PARAM', proto => 'icmpv6', dport => 'router-advertisement' },
{ action => 'PARAM', proto => 'icmpv6', dport => 'neighbor-solicitation' },
{ action => 'PARAM', proto => 'icmpv6', dport => 'neighbor-advertisement' },
--
2.1.4
More information about the pve-devel
mailing list