Merge pull request #2163 from sarthurdev/firewall_rpfilter

firewall: T3509: Add support for IPv6 reverse path filtering
author: Christian Breunig <christian@breunig.cc> 2023-08-26 14:59:10 +0200
committer: GitHub <noreply@github.com> 2023-08-26 14:59:10 +0200
commit: 75aa90cf2b234a34565d165697196ac9a304bb66 (patch)
tree: 8a1c07e17cec0333b71ed32c12f403953a762afe /data/vyos-firewall-init.conf
parent: 3144b67f1b04e88f5ba928db2eee6f198be04a3a (diff)
parent: 2509a1ab84cdb6d9389b547f93b0904cf329e78a (diff)
download: vyos-1x-75aa90cf2b234a34565d165697196ac9a304bb66.tar.gz
vyos-1x-75aa90cf2b234a34565d165697196ac9a304bb66.zip
1 files changed, 4 insertions, 0 deletions
diff --git a/data/vyos-firewall-init.conf b/data/vyos-firewall-init.conf
index 36d92fe93..ab25ab4bd 100644
--- a/data/vyos-firewall-init.conf
+++ b/data/vyos-firewall-init.conf
@@ -82,6 +82,10 @@ table ip6 raw {
         type filter hook forward priority -300; policy accept;
     }
 
+    chain vyos_rpfilter {
+        type filter hook prerouting priority -300; policy accept;
+    }
+
     chain PREROUTING {
         type filter hook prerouting priority -300; policy accept;
         counter jump VYOS_CT_PREROUTING_HOOK
author	Christian Breunig <christian@breunig.cc>	2023-08-26 14:59:10 +0200
committer	GitHub <noreply@github.com>	2023-08-26 14:59:10 +0200
commit	75aa90cf2b234a34565d165697196ac9a304bb66 (patch)
tree	8a1c07e17cec0333b71ed32c12f403953a762afe /data/vyos-firewall-init.conf
parent	3144b67f1b04e88f5ba928db2eee6f198be04a3a (diff)
parent	2509a1ab84cdb6d9389b547f93b0904cf329e78a (diff)
download	vyos-1x-75aa90cf2b234a34565d165697196ac9a304bb66.tar.gz vyos-1x-75aa90cf2b234a34565d165697196ac9a304bb66.zip