From: Aaron Jones Date: Sun, 11 Aug 2019 06:08:07 +0000 (+0000) Subject: luci-app-firewall: rules: allow ICMPv6 ND types X-Git-Url: http://git.lede-project.org./?a=commitdiff_plain;h=17f3e03930a79aecbb6ebcf851e47473d099ad32;p=project%2Fluci.git luci-app-firewall: rules: allow ICMPv6 ND types The "Match ICMP Type" dropdown had entries for router solicitation & router advertisements, but not the more generic neighbour solicitation & neighbour advertisements. A LAN cannot function without Neighbour Discovery; this means that setting a LAN interface default input policy to REJECT breaks IPv6 WAN access for all hosts on that LAN; as they can no longer discover their gateway's MAC address. This can be fixed with appropriate rules allowing ND input, which this patch allows one to do in LuCI. The spelling is the same as in [1]. [1] Signed-off-by: Aaron Jones --- diff --git a/applications/luci-app-firewall/htdocs/luci-static/resources/view/firewall/rules.js b/applications/luci-app-firewall/htdocs/luci-static/resources/view/firewall/rules.js index 4252cf3691..e0c858fc41 100644 --- a/applications/luci-app-firewall/htdocs/luci-static/resources/view/firewall/rules.js +++ b/applications/luci-app-firewall/htdocs/luci-static/resources/view/firewall/rules.js @@ -247,6 +247,8 @@ return L.view.extend({ o.value('echo-request'); o.value('router-advertisement'); o.value('router-solicitation'); + o.value('neighbour-advertisement'); + o.value('neighbour-solicitation'); o.value('time-exceeded'); o.value('ttl-zero-during-transit'); o.value('ttl-zero-during-reassembly');