The client type rule allows DHCP, implicitly. Since DHCPv6 uses

link-local address unlike with DHCP, we need one more rule to allow the DHCPv6. Reported by: David Horn <dhorn2000__at__gmail.com>
2010-01-09 19:16:27 +00:00 · 2010-01-09 19:16:27 +00:00 · 7615a7f1f6
commit 7615a7f1f6
parent 22f09c9f1e
1 changed files with 2 additions and 0 deletions
--- a/etc/rc.firewall
+++ b/etc/rc.firewall
@ -220,6 +220,8 @@ case ${firewall_type} in
 		# Allow any link-local multicast traffic
 		${fwcmd} add pass all from fe80::/10 to ff02::/16
 		${fwcmd} add pass all from ${net6} to ff02::/16
+		# Allow DHCPv6
+		${fwcmd} add pass udp from fe80::/10 to me6 546
 	fi

 	# Allow TCP through if setup succeeded