Displaying 1 result from an estimated 1 matches for "input_icmpv6_packet".
Did you mean:
input_icmpv6_packets
2011 Nov 16
1
[Bug 761] New: Bug in ICMPv6 type and code fields processing
..._icmpv6_list
ipset -! create legal_icmpv6_list hash:net,port family inet6
ipset flush legal_icmpv6_list
for dest in ${ICMPV6_LEGAL_DEST[@]} ; do
for icmp in ${ICMPV6_TYPES[@]} ; do
ipset add -! legal_icmpv6_list ${dest},icmpv6:${icmp}
done
done
ip6tables -N input_icmpv6_packets
ip6tables -A input_icmpv6_packets -m set --match-set "legal_icmpv6_list"
dst,dst -j ACCEPT
ip6tables -A input_icmpv6_packets -j LOG --log-prefix "ICMPv6 pkt: "
ip6tables -A input_icmpv6_packets -j DROP
ip6tables -A INPUT -p ICMPv6 -g input_icmpv6_packets
After that...