From cf38136b005219917098a0562b0833fa28e007d7 Mon Sep 17 00:00:00 2001
From: Aaron Goodman <aaronjg@stanford.edu>
Date: Thu, 28 May 2020 18:27:59 -0400
Subject: [PATCH] mwan3: Do not mangle outgoing ipv6 pings

Signed-off-by: Aaron Goodman <aaronjg@stanford.edu>
---
 net/mwan3/files/lib/mwan3/mwan3.sh | 16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)

diff --git a/net/mwan3/files/lib/mwan3/mwan3.sh b/net/mwan3/files/lib/mwan3/mwan3.sh
index ce3fc4e906..e8044f76aa 100644
--- a/net/mwan3/files/lib/mwan3/mwan3.sh
+++ b/net/mwan3/files/lib/mwan3/mwan3.sh
@@ -240,7 +240,7 @@ mwan3_set_custom_ipset()
 
 mwan3_set_connected_iptables()
 {
-	local connected_network_v4 connected_network_v6
+	local connected_network_v4 connected_network_v6 source_network_v6
 
 	$IPS -! create mwan3_connected_v4 hash:net
 	$IPS create mwan3_connected_v4_temp hash:net
@@ -272,6 +272,14 @@ mwan3_set_connected_iptables()
 	$IPS -! add mwan3_connected mwan3_connected_v4
 	$IPS -! add mwan3_connected mwan3_connected_v6
 
+	$IPS -! create mwan3_source_v6 hash:net family inet6
+	$IPS create mwan3_source_v6_temp hash:net family inet6
+	for source_network_v6 in $($IP6 addr ls  | sed -ne 's/ *inet6 \([^ \/]*\).* scope global.*/\1/p'); do
+		$IPS -! add mwan3_source_v6_temp $source_network_v6
+	done
+	$IPS swap mwan3_source_v6_temp mwan3_source_v6
+	$IPS destroy mwan3_source_v6_temp
+
 	$IPS -! create mwan3_dynamic_v4 hash:net
 	$IPS -! add mwan3_connected mwan3_dynamic_v4
 
@@ -343,6 +351,12 @@ mwan3_set_general_iptables()
 					-p ipv6-icmp \
 					-m icmp6 --icmpv6-type 137 \
 					-j RETURN
+				# do not mangle outgoing echo request
+				$IPT6 -A mwan3_hook \
+				      -m set --match-set mwan3_source_v6 src \
+				      -p ipv6-icmp -m icmp6 --icmpv6-type 128 \
+				      -j RETURN
+
 			fi
 			$IPT -A mwan3_hook \
 				-j CONNMARK --restore-mark --nfmask $MMX_MASK --ctmask $MMX_MASK
-- 
2.30.2