From 51761c3b9ba7c994e269328ab68e71318c9fbc34 Mon Sep 17 00:00:00 2001
From: lassulus <lass@lassul.us>
Date: Thu, 9 Feb 2017 16:57:54 +0100
Subject: l 2: allow ipv6-icmp

---
 lass/2configs/default.nix | 1 +
 1 file changed, 1 insertion(+)

(limited to 'lass/2configs/default.nix')

diff --git a/lass/2configs/default.nix b/lass/2configs/default.nix
index d1810c00..2441f1b7 100644
--- a/lass/2configs/default.nix
+++ b/lass/2configs/default.nix
@@ -202,6 +202,7 @@ with import <stockholm/lib>;
       filter.INPUT.rules = [
         { predicate = "-m conntrack --ctstate RELATED,ESTABLISHED"; target = "ACCEPT"; precedence = 10001; }
         { predicate = "-p icmp"; target = "ACCEPT"; precedence = 10000; }
+        { predicate = "-p ipv6-icmp"; target = "ACCEPT"; v4 = false;  precedence = 10000; }
         { predicate = "-i lo"; target = "ACCEPT"; precedence = 9999; }
         { predicate = "-p tcp --dport 22"; target = "ACCEPT"; precedence = 9998; }
         { predicate = "-p tcp -i retiolum"; target = "REJECT --reject-with tcp-reset"; precedence = -10000; }
-- 
cgit v1.2.3