f8269102a5
This firewall blocks all communication with fe80::1 from a Client to Batman and to the Node. We need this because some crap devices (e.g. a wrongly connected router on a clientport) have fe80::1 as address and break our setup. Signed-off-by: Christian Dresel <fff@chrisi01.de> Tested-by: Robert Langhammer <rlanghammer@web.de> Reviewed-by: Robert Langhammer <rlanghammer@web.de> Acked-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
6 lines
205 B
Plaintext
6 lines
205 B
Plaintext
# Erlaube nur fe80::1 von BATMAN -> CLIENT
|
|
ebtables -A FORWARD -p IPv6 --ip6-source fe80::1 -j IN_ONLY
|
|
|
|
# Erlaube nur fe80::1 von KNOTEN -> CLIENT
|
|
ebtables -A INPUT -p IPv6 --ip6-source fe80::1 -j IN_ONLY
|