Modify

Opened 6 years ago

Closed 6 years ago

#10381 closed defect (fixed)

firewall misses default rule for IPv6 DHCP replies on WAN interface

Reported by: pb@… Owned by: developers
Priority: normal Milestone: Backfire 10.03.1
Component: base system Version: Backfire 10.03.1 RC5
Keywords: Cc:

Description

Any renegotiation using dhcp6c fails during router is already up and running because there is no default rule for IPv6 DHCP relies on WAN interface (and it looks like this is not catched by connection tracking).

Please extend default /etc/config/firewall with

config 'rule'

option 'target' 'ACCEPT'
option '_name' 'DHCPv6 reply'
option 'src' 'wan'
option 'proto' 'udp'
option 'dest_port' '546'
option 'family' 'ipv6'
option 'src_ip' 'fe80::/10'
option 'src_port' '547'
option 'dest_ip' 'fe80::/10'

Attachments (0)

Change History (2)

comment:1 Changed 6 years ago by anonymous

config 'rule'
	option 'target' 'ACCEPT'
	option '_name' 'DHCPv6 reply'
	option 'src' 'wan'
	option 'proto' 'udp'
	option 'dest_port' '546'
	option 'family' 'ipv6'
	option 'src_ip' 'fe80::/10'
	option 'src_port' '547'
	option 'dest_ip' 'fe80::/10'

comment:2 Changed 6 years ago by jow

  • Resolution set to fixed
  • Status changed from new to closed

Added in r28874 and r28875 - thanks!

Add Comment

Modify Ticket

Action
as closed .
The resolution will be deleted. Next status will be 'reopened'.
Author


E-mail address and user name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.