diff options
Diffstat (limited to 'package/firewall/files')
| -rw-r--r-- | package/firewall/files/firewall.config | 15 |
1 files changed, 2 insertions, 13 deletions
diff --git a/package/firewall/files/firewall.config b/package/firewall/files/firewall.config index c7bc79825..b47823fe2 100644 --- a/package/firewall/files/firewall.config +++ b/package/firewall/files/firewall.config @@ -48,27 +48,16 @@ config rule option src wan option dest * option proto icmp - list icmp_type router-solicitation - list icmp_type router-advertisement - list icmp_type neighbour-solicitation - list icmp_type neighbour-advertisement list icmp_type echo-request list icmp_type destination-unreachable list icmp_type packet-too-big list icmp_type time-exceeded + list icmp_type bad-header + list icmp_type unknown-header-type option limit 1000/sec option family ipv6 option target ACCEPT -# Drop leaking router advertisements on WAN -config rule - option src * - option dest wan - option proto icmp - option icmp_type router-advertisement - option family ipv6 - option target DROP - # include a file with users custom iptables rules config include option path /etc/firewall.user |