diff options
| author | Daniil Baturin <daniil@baturin.org> | 2019-03-26 01:31:26 +0100 |
|---|---|---|
| committer | Daniil Baturin <daniil@baturin.org> | 2019-03-26 01:31:26 +0100 |
| commit | db6c50d2723a75150a30779d70e0f6961377412d (patch) | |
| tree | e4b1a94a184a3cb08168924d3fe57695db0367a6 | |
| parent | 92571a4d92de3cda623c67b2f977af9aab10be8b (diff) | |
| parent | 2cd6280b90042efac7c37be4835f70ed06514504 (diff) | |
| download | vyatta-cfg-firewall-db6c50d2723a75150a30779d70e0f6961377412d.tar.gz vyatta-cfg-firewall-db6c50d2723a75150a30779d70e0f6961377412d.zip | |
Merge branch 'current' into crux
| -rw-r--r-- | scripts/firewall/firewall.init.in | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/scripts/firewall/firewall.init.in b/scripts/firewall/firewall.init.in index 98ed54a..d6d2be8 100644 --- a/scripts/firewall/firewall.init.in +++ b/scripts/firewall/firewall.init.in @@ -150,6 +150,12 @@ start () { ip6tables -t mangle -N VYOS_SNPT_HOOK ip6tables -t mangle -A VYOS_SNPT_HOOK -j RETURN ip6tables -t mangle -A POSTROUTING -j VYOS_SNPT_HOOK + ip6tables -t nat -N VYOS_DNPT_HOOK + ip6tables -t nat -A VYOS_DNPT_HOOK -j RETURN + ip6tables -t nat -A PREROUTING -j VYOS_DNPT_HOOK + ip6tables -t nat -N VYOS_SNPT_HOOK + ip6tables -t nat -A VYOS_SNPT_HOOK -j RETURN + ip6tables -t nat -A POSTROUTING -j VYOS_SNPT_HOOK # NOTRACK hook : not needed, since every v6 connection is NOTRACK'ed for now (see a few lines up) # ip6tables -t raw -N VYOS_NPT_HOOK # ip6tables -t raw -A PREROUTING -j VYOS_NPT_HOOK |