ip6tables: allow dhcp6d from aws
While we actually use SLAAC in aws, there's a dhcp6d sending out the router advertisements, so without that the instance doesn't get an ipv6 ip and just doesn't work. With this it does.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
parent 98410c9b7b
commit 0d08f15f41
1 changed files with 3 additions and 1 deletions
|
@ -14,9 +14,11 @@
|
|||
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
|
||||
|
||||
# Established connections allowed
|
||||
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
|
||||
-A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
|
||||
|
||||
# allow dhcp6d from aws
|
||||
-A INPUT -d fe80::/64 -p udp -m udp --dport 546 --sport 547 -j ACCEPT
|
||||
|
||||
# if the blocked_ips is defined - drop them
|
||||
{% if blocked_ip_v6 is defined %}
|
||||
{% for ip in blocked_ip_v6 %}
|
||||
|
|
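Review bot: The new ACCEPT rule matches only on destination `fe80::/64` and the 547 to 546 port pair, with no source constraint, so any on-link sender that uses source port 547 passes it. Consider adding `-s fe80::/10` (DHCPv6 servers normally answer from a link-local address; confirm that holds for the AWS responder before merging), and extend the `# allow dhcp6d from aws` comment to say why the RELATED,ESTABLISHED rule above does not already cover these replies: the client's request goes to a multicast address, so the unicast answer is not tracked as part of an existing connection.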