freifunk-franken
/
firmware
9
7
Fork 13
Code Issues 48 Pull Requests 7 Releases 17 Wiki Activity
firmware/src/packages/fff/fff-node/files/usr/lib/firewall.d/30-client-dhcpv6

20 lines
545 B
Plaintext
Raw Blame History

nft -f - <<__EOF
table bridge filter {
chain MULTICAST_OUT {
# Erlaube DHCPv6 Requests
# -p IPv6 --ip6-proto udp --ip6-dport 547 -j RETURN
ether type ip6 udp dport 547 counter return
}
chain FORWARD {
# Erlaube nur DHCPv6 Request von CLIENT -> BATMAN
# -p IPv6 --ip6-proto udp --ip6-dport 547 -j OUT_ONLY
ether type ip6 udp dport 547 counter jump OUT_ONLY
# Erlaube nur DHCPv6 Antworten von BATMAN -> CLIENT
# -p IPv6 --ip6-proto udp --ip6-dport 546 -j IN_ONLY
ether type ip6 udp dport 546 counter jump IN_ONLY
}
}
__EOF
Reference in New Issue View Git Blame Copy Permalink