diff options
author | Ermal <eri@pfsense.org> | 2013-01-30 10:43:34 +0000 |
---|---|---|
committer | Ermal <eri@pfsense.org> | 2013-01-30 10:43:34 +0000 |
commit | 311959fe8b65db2bbb39e06f27e91f242bf101fe (patch) | |
tree | f6b87e41497e8afb9d4addeafa96b3e1b5f57710 | |
parent | 8dd9f19a79773c997778707d0b66b8b45f725643 (diff) | |
download | pfsense-311959fe8b65db2bbb39e06f27e91f242bf101fe.zip pfsense-311959fe8b65db2bbb39e06f27e91f242bf101fe.tar.gz |
Ticket #2412. Also allow ipv6 traffic to flow on the stf interface
-rw-r--r-- | etc/inc/filter.inc | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc index c891200..dbca698 100644 --- a/etc/inc/filter.inc +++ b/etc/inc/filter.inc @@ -2658,6 +2658,8 @@ EOD; # allow our proto 41 traffic from the 6RD border relay in pass in on \${$oc['descr']} proto 41 from {$config['interfaces'][$on]['gateway-6rd']} to any label "Allow 6in4 traffic in for 6rd on {$oc['descr']}" pass out on \${$oc['descr']} proto 41 from any to {$config['interfaces'][$on]['gateway-6rd']} label "Allow 6in4 traffic out for 6rd on {$oc['descr']}" +pass in on \${$oc['descr']} inet6 from any to {$oc['ipv6']}/{$oc['snv6']} label "Allow 6rd traffic in for 6rd on {$oc['descr']}" +pass out on \${$oc['descr']} inet6 from {$oc['ipv6']}/{$oc['snv6']} to any label "Allow 6rd traffic out for 6rd on {$oc['descr']}" EOD; break; @@ -2666,7 +2668,9 @@ EOD; # allow our proto 41 traffic from the 6to4 border relay in pass in on \${$oc['descr']} proto 41 from any to {$oc['ip']} label "Allow 6in4 traffic in for 6to4 on {$oc['descr']}" +pass in on \${$oc['descr']} inet6 from any to {$oc['ipv6']}/{$oc['snv6']} label "Allow 6in4 traffic in for 6to4 on {$oc['descr']}" pass out on \${$oc['descr']} proto 41 from {$oc['ip']} to any label "Allow 6in4 traffic out for 6to4 on {$oc['descr']}" +pass out on \${$oc['descr']} inet6 from {$oc['ipv6']}/{$oc['snv6']} to any label "Allow 6in4 traffic out for 6to4 on {$oc['descr']}" EOD; break; |