Project

General

Profile

« Previous | Next » 

Revision b868d9a0

Added by Seth Mos almost 14 years ago

Add the dhcp6 firewall rules so the client can get out.
Add a type6 field so that we can distinguish the ipv6 configuration types

View differences:

etc/inc/filter.inc
783 783 
			continue;
784 784 
		$oic['ip'] = get_interface_ip($if);
785 785 
		$oic['ipv6'] = get_interface_ipv6($if);
786 
		if(!is_ipaddr($oc['ipaddr']) && !empty($oc['ipaddr']))
786 
		if(!is_ipaddrv4($oc['ipaddr']) && !empty($oc['ipaddr']))
787 787 
			$oic['type'] = $oc['ipaddr'];
788 
		if(!is_ipaddrv6($oc['ipaddrv6']) && !empty($oc['ipaddrv6']))
789 
			$oic['type6'] = $oc['ipaddrv6'];
788 790 
		$oic['sn'] = get_interface_subnet($if);
789 791 
		$oic['snv6'] = get_interface_subnetv6($if);
790 792 
		$oic['mtu'] = empty($oc['mtu']) ? 1500 : $oc['mtu'];
......
2378 2380 
# allow our DHCP client out to the {$oc['descr']}
2379 2381 
pass in on \${$oc['descr']} proto udp from any port = 67 to any port = 68 label "allow dhcp client out {$oc['descr']}"
2380 2382 
pass out on \${$oc['descr']} proto udp from any port = 68 to any port = 67 label "allow dhcp client out {$oc['descr']}"
2381 
# allow our DHCPv6 client out to the {$oc['descr']}
2382 
pass in on \${$oc['descr']} proto udp from any port = 547 to any port = 546 label "allow dhcpv6 client out {$oc['descr']}"
2383 
pass out on \${$oc['descr']} proto udp from any port = 546 to any port = 547 label "allow dhcpv6 client out {$oc['descr']}"
2384 2383 
# Not installing DHCP server firewall rules for {$oc['descr']} which is configured for DHCP.
2385 2384 

  		




  2386
  2385
  
    
EOD;


  		




  ......




  2411
  2410
  
    
				}


  		




  2412
  2411
  
    

  		




  2413
  2412
  
    
			}


  		




  
  2413
  
    
			break;


  		




  
  2414
  
    
		}


  		




  
  2415
  
    
		switch($oc['type6']) {


  		




  
  2416
  
    
		case "dhcp6":


  		




  
  2417
  
    
			$ipfrules = <<<EOD


  		




  
  2418
  
    

  		




  
  2419
  
    
# allow our DHCPv6 client out to the {$oc['descr']}


  		




  
  2420
  
    
pass in on \${$oc['descr']} proto udp from any port = 547 to any port = 546 label "allow dhcpv6 client out {$oc['descr']}"


  		




  
  2421
  
    
pass out on \${$oc['descr']} proto udp from any port = 546 to any port = 547 label "allow dhcpv6 client out {$oc['descr']}"


  		




  
  2422
  
    

  		




  
  2423
  
    
EOD;


  		




  
  2424
  
    
			break;


  		




  
  2425
  
    
		default:


  		




  2414
  2426
  
    
			if(isset($config['dhcpdv6'][$on]['enable'])) {


  		




  2415
  2427
  
    
				$ipfrules .= <<<EOD


  		




  2416
  2428
  
    

  		












Also available in:  Unified diff