firmware/30-gateway-fe801 at f8269102a577b8a554343ab1c6ee319ca4934774 - firmware - Freifunk Franken Git

adschm/firmware

forked from freifunk-franken/firmware

Christian Dresel f8269102a5 fff-hoods: firewall fe80::1 from Client to Batman and Node

This firewall blocks all communication with fe80::1 from a
Client to Batman and to the Node.

We need this because some crap devices (e.g. a wrongly
connected router on a clientport) have fe80::1 as address
and break our setup.

Signed-off-by: Christian Dresel <fff@chrisi01.de>
Tested-by: Robert Langhammer <rlanghammer@web.de>
Reviewed-by: Robert Langhammer <rlanghammer@web.de>
Acked-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>

2018-12-09 14:31:09 +01:00

6 lines

205 B

Plaintext

Raw Blame History

 # Erlaube nur fe80::1 von BATMAN -> CLIENT
 ebtables -A FORWARD -p IPv6 --ip6-source fe80::1 -j IN_ONLY
 # Erlaube nur fe80::1 von KNOTEN -> CLIENT
 ebtables -A INPUT -p IPv6 --ip6-source fe80::1 -j IN_ONLY