#19772: Firewall drops incoming 6rd packets
-----------------------+------------------------
Reporter: jlode90@… | Owner: developers
Type: defect | Status: new
Priority: normal | Milestone:
Component: packages | Version: Trunk
Keywords: |
-----------------------+------------------------
After a fresh install of OpenWrt and the minimum packages I need to get
6rd working, I appear to have IPv6 connectivity with everyone except my
neighbors (customers of the same ISP).
How IPv6 packets are normally accepted by the firewall:
Packets from the "Internet outside of my ISP" goes through the configured
6rd relay, so incoming traffic gets accepted because of connection
tracking (wan_ip <-> 6rd relay).
How IPv6 packets from my neighbors are not matched by the same rule:
When SIT packets are sent directly from people on my side of the 6rd relay
(other customers of the same ISP), they don't get accepted by the
conntrack rule, because the source address is obviously not that of the
6rd relay, and there is no other rule in place to accept this traffic.
For now, I added a rule to the input_wan_rule chain to accept all SIT
traffic with "--protocol 41".
--
Ticket URL: <https://dev.openwrt.org/ticket/19772>
OpenWrt <http://openwrt.org>
Opensource Wireless Router Technology
_______________________________________________
openwrt-tickets mailing list
[email protected]
https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-tickets
