The client type rule allows DHCP, implicitly. Since DHCPv6 uses
link-local address unlike with DHCP, we need one more rule to allow the DHCPv6. Reported by: David Horn <dhorn2000__at__gmail.com>
This commit is contained in:
parent
22f09c9f1e
commit
7615a7f1f6
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/head/; revision=201930
@ -220,6 +220,8 @@ case ${firewall_type} in
|
|||||||
# Allow any link-local multicast traffic
|
# Allow any link-local multicast traffic
|
||||||
${fwcmd} add pass all from fe80::/10 to ff02::/16
|
${fwcmd} add pass all from fe80::/10 to ff02::/16
|
||||||
${fwcmd} add pass all from ${net6} to ff02::/16
|
${fwcmd} add pass all from ${net6} to ff02::/16
|
||||||
|
# Allow DHCPv6
|
||||||
|
${fwcmd} add pass udp from fe80::/10 to me6 546
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Allow TCP through if setup succeeded
|
# Allow TCP through if setup succeeded
|
||||||
|
Loading…
Reference in New Issue
Block a user