16 lines
550 B
Plaintext
16 lines
550 B
Plaintext
nft -f - <<__EOF
|
|
table bridge filter {
|
|
chain INPUT {
|
|
# Erlaube router solicitation von client zu knoten
|
|
# -p IPv6 -i ! bat0 --ip6-proto ipv6-icmp --ip6-icmp-type router-solicitation -j ACCEPT
|
|
iifname != "bat0" ether type ip6 ip6 nexthdr icmpv6 icmpv6 type nd-router-solicit counter accept
|
|
}
|
|
|
|
chain OUTPUT {
|
|
# Erlaube router advertisment von knoten zu client
|
|
# -p IPv6 -o ! bat0 --ip6-proto ipv6-icmp --ip6-icmp-type router-advertisement -j ACCEPT
|
|
oifname != "bat0" ether type ip6 icmpv6 type nd-router-advert counter accept
|
|
}
|
|
}
|
|
__EOF
|