diff options
| author | Hajimu UMEMOTO <ume@FreeBSD.org> | 2005-10-09 04:35:10 +0000 |
|---|---|---|
| committer | Hajimu UMEMOTO <ume@FreeBSD.org> | 2005-10-09 04:35:10 +0000 |
| commit | 8d3ea92cb880e343b8ef00921f17b07d92774473 (patch) | |
| tree | 2de793d3b9d8304e73a2b5f11f21f91e6a570dab /etc | |
| parent | 0c785ccd4dd9e041906e07e1fac8167e09d43706 (diff) | |
Notes
Diffstat (limited to 'etc')
| -rw-r--r-- | etc/rc.firewall6 | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/etc/rc.firewall6 b/etc/rc.firewall6 index 289b7dc64f94..c14a09a74ed8 100644 --- a/etc/rc.firewall6 +++ b/etc/rc.firewall6 @@ -188,6 +188,10 @@ case ${ipv6_firewall_type} in ${fw6cmd} add deny all from ${inet}/${iprefixlen} to any in via ${oif} ${fw6cmd} add deny all from ${onet}/${oprefixlen} to any in via ${iif} + # Stop unique local unicast address on the outside interface + ${fw6cmd} add deny all from fc00::/7 to any via ${oif} + ${fw6cmd} add deny all from any to fc00::/7 via ${oif} + # Stop site-local on the outside interface ${fw6cmd} add deny all from fec0::/10 to any via ${oif} ${fw6cmd} add deny all from any to fec0::/10 via ${oif} |