|
|
|
@ -44,6 +44,22 @@ config rule |
|
|
|
|
option target ACCEPT |
|
|
|
|
|
|
|
|
|
# Allow essential incoming IPv6 ICMP traffic |
|
|
|
|
config rule |
|
|
|
|
option src wan |
|
|
|
|
option proto icmp |
|
|
|
|
list icmp_type echo-request |
|
|
|
|
list icmp_type destination-unreachable |
|
|
|
|
list icmp_type packet-too-big |
|
|
|
|
list icmp_type time-exceeded |
|
|
|
|
list icmp_type bad-header |
|
|
|
|
list icmp_type unknown-header-type |
|
|
|
|
list icmp_type router-solicitation |
|
|
|
|
list icmp_type neighbour-solicitation |
|
|
|
|
option limit 1000/sec |
|
|
|
|
option family ipv6 |
|
|
|
|
option target ACCEPT |
|
|
|
|
|
|
|
|
|
# Allow essential forwarded IPv6 ICMP traffic |
|
|
|
|
config rule |
|
|
|
|
option src wan |
|
|
|
|
option dest * |
|
|
|
|