diff options
| author | hagbard-01 <39653662+hagbard-01@users.noreply.github.com> | 2019-01-29 13:42:54 -0800 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2019-01-29 13:42:54 -0800 |
| commit | 23447bef89a46f44d7544f15c2755d33f38ffd4c (patch) | |
| tree | 6711fab7b80825fdab112d60625d290036150c96 /scripts/firewall/firewall.init.in | |
| parent | f9c89b30f7598e769837ff33dd9dfb2847e5053f (diff) | |
| parent | 012c8c62fe1cebc58089ae76d127a64e82508c13 (diff) | |
| download | vyatta-cfg-firewall-23447bef89a46f44d7544f15c2755d33f38ffd4c.tar.gz vyatta-cfg-firewall-23447bef89a46f44d7544f15c2755d33f38ffd4c.zip | |
Merge pull request #12 from mevertse/current
T166: Changed NPTv6 to use NETMAP
Diffstat (limited to 'scripts/firewall/firewall.init.in')
| -rw-r--r-- | scripts/firewall/firewall.init.in | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/scripts/firewall/firewall.init.in b/scripts/firewall/firewall.init.in index 98ed54a..d6d2be8 100644 --- a/scripts/firewall/firewall.init.in +++ b/scripts/firewall/firewall.init.in @@ -150,6 +150,12 @@ start () { ip6tables -t mangle -N VYOS_SNPT_HOOK ip6tables -t mangle -A VYOS_SNPT_HOOK -j RETURN ip6tables -t mangle -A POSTROUTING -j VYOS_SNPT_HOOK + ip6tables -t nat -N VYOS_DNPT_HOOK + ip6tables -t nat -A VYOS_DNPT_HOOK -j RETURN + ip6tables -t nat -A PREROUTING -j VYOS_DNPT_HOOK + ip6tables -t nat -N VYOS_SNPT_HOOK + ip6tables -t nat -A VYOS_SNPT_HOOK -j RETURN + ip6tables -t nat -A POSTROUTING -j VYOS_SNPT_HOOK # NOTRACK hook : not needed, since every v6 connection is NOTRACK'ed for now (see a few lines up) # ip6tables -t raw -N VYOS_NPT_HOOK # ip6tables -t raw -A PREROUTING -j VYOS_NPT_HOOK |