From e7230cb32e470f44dd3643047510b6ade18c2fc3 Mon Sep 17 00:00:00 2001
From: Seth Mos <seth.mos@dds.nl>
Date: Thu, 5 May 2011 13:50:35 +0200
Subject: Add firewall rules so that the DHCPv6 replies can come back in

---
 etc/inc/filter.inc | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc
index 81dbd9a..2c8b19c 100644
--- a/etc/inc/filter.inc
+++ b/etc/inc/filter.inc
@@ -2301,6 +2301,9 @@ EOD;
 # allow our DHCP client out to the {$oc['descr']}
 pass in on \${$oc['descr']} proto udp from any port = 67 to any port = 68 label "allow dhcp client out {$oc['descr']}"
 pass out on \${$oc['descr']} proto udp from any port = 68 to any port = 67 label "allow dhcp client out {$oc['descr']}"
+# allow our DHCPv6 client out to the {$oc['descr']}
+pass in on \${$oc['descr']} proto udp from any port = 547 to any port = 546 label "allow dhcpv6 client out {$oc['descr']}"
+pass out on \${$oc['descr']} proto udp from any port = 546 to any port = 547 label "allow dhcpv6 client out {$oc['descr']}"
 # Not installing DHCP server firewall rules for {$oc['descr']} which is configured for DHCP.
 
 EOD;
-- 
cgit v1.1